Physical presence digital authentication system

ABSTRACT

The interactive authentication system allows a consumer to interact with a base station, such as broadcast media (e.g., television and radio) or PC, to receive coupons, special sales offers, and other information with an electronic card. The electronic card can also be used to transmit a signal that can be received by the base station to perform a wide variety of tasks. These tasks can include launching an application, authenticating a user at a website, and completing a sales transaction at a website (e.g., by filling out a form automatically). The interaction between the base station and the electronic card is accomplished by using the conventional sound system in the base station so that a special reader hardware need not be installed to interact with the electronic card. The user is equipped with an electronic card that can receive and transmit data via sound waves. In the various embodiments, the sound waves can be audible or ultrasonic (which can be slightly audible to some groups of people).

RELATED APPLICATIONS

This application is a continuation of U.S. patent application Ser. No.13/316,710 filed on Dec. 12, 2011, which is a continuation of U.S.patent application Ser. No. 12/752,181 filed on Apr. 1, 2010, now U.S.Pat. No. 8,078,136, which is a continuation of U.S. patent applicationSer. No. 10/618,962 filed on Jul. 14, 2003, now U.S. Pat. No. 7,706,838,which is a continuation of U.S. patent application Ser. No. 09/570,399filed on May 12, 2000, now U.S. Pat. No. 6,607,136, which claims thebenefit of priority of U.S. Provisional Patent Application No.60/180,530 filed on Feb. 7, 2000.

U.S. patent application Ser. No. 10/618,962 is also acontinuation-in-part of PCT Application Nos. PCT/IL99/00525 filed onOct. 4, 1999, and PCT/IB99/02110 filed on Nov. 16, 1999, which bothclaim the benefit of priority of U.S. Provisional Patent ApplicationNos. 60/115,231 filed on Jan. 8, 1999, 60/122,687 filed on Mar. 3, 1999,60/143,220 filed on Jul. 9, 1999, 60/145,342 filed on Jul. 23, 1999, and60/153,858 filed on Sep. 14, 1999.

PCT/IB99/02110 is also a continuation-in-part of PCT Application No.PCT/IL99/00506 filed on Sep. 16, 1999.

U.S. patent application Ser. No. 10/618,962 is also acontinuation-in-part of PCT Patent Application Nos. PCT/IL98/00450 filedon Sep. 16, 1998, PCT/IL99/00470 filed on Aug. 27, 1999, andPCT/IL99/00521 filed on Oct. 1, 1999. The contents of the aboveapplications are all incorporated herein by reference.

FIELD OF THE INVENTION

The present invention relates generally to electronic cards or devicefor interaction with another electronic card or device such as acomputer and, in particular, to electronic cards that use acousticsignals for such communications.

DESCRIPTION OF RELATED ART

The Internet, and the World Wide Web (WWW) in particular, has grown inpopularity in recent years. In addition to news and information,merchants and consumers alike have come to view the web as a virtuallyunlimited source for conducting business, in the form of sales ofproducts, services, and information. Nevertheless, many computer usersare still somewhat leery of conducting sales transactions over the webespecially because credit cards are involved, along with the associatedfear of widespread and unchecked dissemination of the credit cardnumbers. These same users may also be leery of conducting non-Internetrelated sales transactions using credit cards. After all, anyone canswipe a credit card number and use it later for unauthorized purchases.Assurances from well-meaning web (and non-web) merchants do notalleviate these concerns because the user would have to carry a creditcard in his person, which can be easily stolen or lost (and thus foundby an unscrupulous thief). What is needed is a secure purchasingmechanism that provides users with the peace of mind to make a purchaseon the web (or any other form of electronic purchase or other secureinformation access) without the fear of having his credit card numberstolen by an interloper at any point in the transaction.

Typically, systems that provide security to such online users do so tothe detriment of user convenience. Because the Internet is amass-medium, the success of online services depends largely onpreserving user convenience. Without such conveniences, users wouldbecome decreasingly tolerant resulting in a loss of business and socialopportunities for both web merchants and users alike.

Traditional microprocessor credit cards, also known as “smart cards” or“chip cards,” provide security. But while smart cards that work inconjunction with dedicated smart card readers have become prevalent(i.e., bank cards in Europe), they are ill-suited for deployment aswidespread Internet access control devices. Deploying smart card readersto users in their homes, for example, and educating users on theirinstallation and use, are cumbersome, expensive, and inconvenient.

The prior art smart card systems largely were developed for adisconnected world; that is, maintaining a constant connection betweenthe smart card and some other entity was considered expensive,inconvenient, and largely unnecessary. Indeed, the telephone chargeitself was significant enough in cost to warrant minimizing suchconnection times.

In the prior art smart card, a small computer apparatus was embeddedinto a credit card plastic. At the very minimum, that apparatus wouldauthenticate a user's secret personal identification number that wasmanually entered by the user on an in-store keypad every time a card isswiped. This authentication process did not require the intervention ofany other authentication network. One aim of the present invention is toprovide authentication that is as secure as ordinary bank cards, but ina manner where the functionality associated with the card is accessedvia a public network such as the Internet. Ideally, such cards that senda one-way authentication signal can be used anywhere the Internet isavailable.

Computer network components that communicate using radio frequency (RF),infrared (IR), and wires are well known. In addition, some homeappliances are controlled using acoustic remote control. However, thesenetworks and appliances needed dedicated hardware components to realizethe communication protocol; that is, specific and specialized hardwarewhose sole purpose was to effectuate the communication was installedtherein. If such communication were not needed, the specific andspecialized hardware would not be needed at all. Installing suchhardware on an existing computer, TV, or radio may be expensive and/orproblematic. Further, some electronic and/or computer embedded devices,for example cellular telephones may be “sealed” products, to which it isimpossible to add internal components. What is needed is an electronicdevice that communicates with existing infrastructure equipment withoutthe need to further equip these infrastructure equipment with anyspecial hardware such as a smart card reader.

PCT publications WO96/10880, WO94/17498, WO93/21720 and WO93/11619, thedisclosures of which are incorporated herein by reference describe anelectronic device which transmits coded information to a microphone of atelephone using a DTMF-like encoding scheme. A WWW page addressed“http://www.encotone.com/html/tech_def.html”, suggests using such adevice to transmit audible DTMF-like tones to a personal computer usingthe computer's sound card.

Two way communications using audible DTMF-like tones, between anelectronic card and a telephone communication system is described inU.S. Pat. No. 5,583,933, the disclosure of which is incorporated hereinby reference. Thus, what is needed is a communication mechanism thatallows the electronic card to communicate with a transmitter/receiverwithout the need for dedicated or special hardware. Use of existingcomponents would facilitate the wide acceptance of this communicationmechanism, particularly in the purchasing context.

The present invention provides such a system and method and providessolutions to the problems described above.

SUMMARY OF THE INVENTION

One object of the present invention is to provide an electronic systemwhich allows users to easily interact with a merchant (web-based orotherwise) or some other entity.

Still another object of the present invention is to provide a creditcard-sized electronic card that can interact with various electronicdevices (e.g., computer) to transmit information as well as receiveinformation.

Another object of the present invention is to provide such aninteractive electronic system without the use of dedicated hardware;that is, existing hardware will be utilized resulting in little, if any,changes for the television, radio, and stereo system manufacturers.

A further object of the present invention is to require little or nochange to the content (as opposed to the infrastructure equipmentitself) generated by the existing infrastructure. Sound is an essentialelement of human communications. Therefore, the present invention isrelatively immune from changing communications standards, and is massscalable. Strictly speaking, implementing those two-way methods requireslittle or no infrastructure change or modification of existing soundcontent. Two-way implementations under the current invention providewidespread utility in situations removed from a network. For example,some embodiments described here enable users to “bookmark” soundcontent, and later use those sound bookmarks to retrieve desired contentfrom a network or other receiving apparatus.

In accordance with one embodiment of the present invention, theinteractive electronic system includes an electronic card. In oneembodiment, the electronic card is a one-way card that has a transducer,receiver circuitry and software (i.e., DSP and operating system) toprocess the incoming data. In another embodiment, the electronic card isa two-way card with both transmission and reception circuitry. In afurther embodiment, the electronic card is a one-way transmit-only card.In any of these embodiments, the electronic card also includes adisplay, such as a liquid crystal display (LCD) panel. Memory (ROM,EEPROM, and RAM), a bus system, and power source are also provided.Electronic card contacts may also be provided to allow the electroniccard to interface with standard electronic card readers. One or morephysical buttons are also provided on the electronic card itself toperform any of a number of functions: (1) transmit data from theelectronic card, (2) transmit data followed by a short period in receivemode, or (3) turn on the power to receive data for a short period.

Generally, the electronic card works with the existing infrastructure;that is, no special dedicated reader is necessary for the electroniccard to communicate with existing base stations. For example, one suchbase station is a personal computer. The personal computer typically hassound devices installed therein and the electronic card of the presentinvention can communicate with the computer using this already existingsound system. However, in another embodiment, special readers can beused to provide various functionality—from reading the contents of thecard (for those systems without a sound device) to adding bidirectionalsupport for an otherwise one-way card to recharging the battery(ies) inthe card. So, if the computer system is not equipped with a soundsystem, a special reader is provided to allow the electronic card tocommunicate with the computer system. As another example, the specialreader can be an electronic device with a microphone to allow anotherwise transmit-only one-way electronic card to have two-waycapability.

Without trading off security, the present invention providessubstantially enhanced user convenience. For example, reader-freeauthentication devices are disclosed that enable “one-button” triggeringof complex tasks such as connecting to a network and logging in securelyto personalized network services. The software that enables thereader-free communication can be stored permanently on the base stationfor enhanced functionality. But for enhanced portability, methods aredescribed for outsourcing that communications software to a remotecomputer, so that the devices can be used at a broader array of basestations.

The spectrum of applications enabled by the electronic card is broad.For the various embodiments of the present invention, the applicationscan be grouped into seven different categories—(1) One-wayInfrastructure-to-Card, (2) One-way Card-to-Infrastructure, (3) Two-way,(4) Card-to-Card, (5) Client Software Applications, (6) CardDistribution, and (7) Dedicated Systems.

BRIEF DESCRIPTION OF THE FIGURES

The above objects and description of the present invention may be betterunderstood with the aid of the following text and accompanying drawings.

FIG. 1 shows a system level diagram of the various components of theinteractive media system in accordance with one embodiment of thepresent invention.

FIG. 2 shows a high level view of the one-way transmit-only electroniccard.

FIGS. 3(A) and 3(B) show high level views of a two-way electronic card.

FIGS. 4(A) and 4(B) show high level views of the receiver portion of theelectronic card.

FIG. 5(A) shows the data stream format for the card-to-PC communicationdirection. FIG. 5(B) shows the data stream format for the PC-to-cardcommunication direction.

FIG. 6(A) shows a flow chart of the transmission routine of theelectronic card in accordance with one embodiment of the presentinvention. FIG. 6(B) shows a detailed flowchart of the transmissionportion of the transmission routine of FIG. 6(A).

FIG. 7 shows a low level view of the circuitry surrounding themicrocontroller in accordance with one embodiment of the presentinvention.

FIG. 8 shows a low level view of the voltage doubler circuitry inaccordance with one embodiment of the present invention.

FIG. 9 shows a low level view of the power and switching circuitry inaccordance with one embodiment of the present invention.

FIG. 10 shows a low level view of the electronic card connector.

FIG. 11 shows the key components of the client computer system,including the speaker/microphone, sound card driver, special clientremote access software, and the web browser in accordance with oneembodiment of the present invention. Note that the browser is optionaland that the present invention is operational with just the specialclient remote access software.

FIG. 12 shows a high level block diagram of the electronic card'sreception software in accordance with one embodiment of the presentinvention.

FIG. 13 shows a flow chart of the reception software in a personalcomputer.

FIG. 14 shows a signal decoder in accordance with one embodiment of thepresent invention.

FIG. 15 shows a signal detector in accordance with one embodiment of thepresent invention.

FIG. 16 shows an exemplary graph of the received signal and the sampledpoints therein to illustrate the moving average concept in accordancewith one embodiment of the present invention.

FIG. 17 shows an alternative embodiment of the one-way Transmit card.This circuit can also be applied to two-way cards for the transmitportion.

FIG. 18 shows a detailed analog front end portion of the receivercircuitry for the electronic card in accordance with one embodiment ofthe present invention.

FIG. 19 shows a detailed digital core portion of the two-way electroniccard in accordance with one embodiment of the present invention.

FIG. 20 shows a block diagram of the card architecture which implementsanalog recording in accordance with one embodiment of the presentinvention.

FIG. 21 shows a server architecture which implements the patternrecognition search engine and various databases including an accountdatabase, coupon database, incentive points database, merchandisedatabase, and soundtrack database in accordance with one embodiment ofthe present invention.

FIG. 22 shows a high level block diagram of the pattern recognitionsearch functionality in the pattern recognition search engine inaccordance with one embodiment of the present invention.

FIG. 23 shows a high level diagram of a cable TV infrastructure and themanner in which the merchant data is mixed with normal programming.

FIG. 24 shows a high level diagram of a broadcast TV/radioinfrastructure and the manner in which the merchant data is mixed withnormal programming.

FIGS. 25(A), 25(B), and 25(C) show three embodiments of the componentlayouts for the electronic card.

FIG. 26 shows the layers of materials that make up the electronic cardin accordance with one embodiment of the present invention.

FIGS. 27(A), 27(B), and 27(C) illustrate the transducer construction inaccordance with three embodiments of the present invention.

FIG. 28 shows a state diagram of the multi-mode switch software in theelectronic card.

FIG. 29 shows a system diagram for the E-Wallet system in accordancewith one embodiment of the present invention.

FIG. 30 shows a flow chart of the operation of the E-Wallet system inaccordance with one embodiment of the present invention.

FIG. 31 shows a high level block diagram of the various entities thatinvolved in credit card transactions.

FIG. 32 shows a flow chart of the on-line authentication operation inaccordance with one embodiment of the present invention.

FIG. 33 shows the sequence of steps taken by the electronic card, PC,and the web merchant when the customer is attempting to check thetrustworthiness of the web merchant via a challenge-response techniquein accordance with one embodiment of the present invention.

FIG. 34 shows the sequence of steps taken by the electronic card, PC,and the web merchant when the web merchant is attempting to check thetrustworthiness of the electronic card (and hence user) via achallenge-response technique in accordance with one embodiment of thepresent invention.

FIG. 35 shows the sequence of steps taken by the electronic card, PC,and the web merchant when both the web merchant and the customer areattempting to check each other's respective trustworthiness via achallenge-response technique in accordance with one embodiment of thepresent invention.

FIG. 36 shows a crypto service provider (CSP) scheme, the entities, andthe sequence of steps taken by these entities in accordance with oneembodiment of the present invention.

FIG. 37 shows one embodiment of the electronic card decoder when RFsignals are used for the PC-to-electronic card communication path.

FIG. 38 shows another embodiment of the electronic card decoder when RFsignals are used for the PC-to-electronic card communication path.

FIG. 39 shows another embodiment of the electronic card decoder whenmagnetic signals are used for the PC-to-electronic card communicationpath.

FIG. 40 shows another embodiment of the present invention where ahardware PLL technique is used in the electronic card for processingacoustic signals.

FIG. 41 shows another embodiment of the present invention where asoftware PLL/FLL technique is used in the electronic card for processingacoustic signals.

FIG. 42 shows another embodiment of the present invention where a mixeris used for baseband processing in the electronic card for processingacoustic signals.

FIG. 43 shows an embodiment of the present invention where a specialdriver is placed between the Windows Mulimedia interface and the defaultsound card driver so that multiple applications can run concurrently inthe computer system.

FIG. 44 shows an alternative embodiment from the system described anshown in FIG. 43 where a special driver is placed between the WindowsMulimedia interface and the default sound card driver so that multipleapplications can run concurrently in the computer system.

FIG. 45 shows a diagram of a secure purchasing mechanism in accordancewith one embodiment of the present invention where incentivepoints/mileage instead of cash can be used to purchase products.

FIG. 46 shows a high level abstracted view of some of the manyapplications that are enabled by the present invention.

FIG. 47 shows a high level view of another application where benefitsare achieved using the versatile electronic card with the conventionalmagnetic stripe in a system that utilizes a central account database.

DETAILED DESCRIPTION OF PREFERRED EMBODIMENTS

At a high level, this patent specification provides detailed informationon the system, the electronic card itself, the base station (e.g.,personal computer), and various applications (which may involve variousweb servers). In particular, the patent specification is organized asfollows:

-   1.0 SYSTEM SUMMARY-   2.0 FREQUENCY RANGE-   3.0 ELECTRONIC CARD    -   3.1 TWO-WAY CARD    -   3.2 CARD TRANSMISSION HARDWARE    -   3.3 CARD TRANSMISSION SOFTWARE        -   3.3.1 DATA STREAM        -   3.3.2 TRANSMISSION ROUTINE        -   3.3.3 MULTI-MODE SWITCH    -   3.4 CARD RECEPTION HARDWARE    -   3.5 CARD RECEPTION SOFTWARE    -   3.6 CARD MECHANICAL CONSTRUCTION        -   3.6.1 SHEETS-LEVEL CARD FABRICATION        -   3.6.2 COMPONENT LAYOUT        -   3.6.3 CARD LAYERS        -   3.6.4 TRANSDUCER CONSTRUCTION-   4.0 BASE STATION    -   4.1 CLIENT COMPUTER SYSTEM    -   4.2 INSTALLATION AND INITIALIZATION    -   4.3 BASE STATION TRANSMISSION SOFTWARE    -   4.4 BASE STATION RECEPTION SOFTWARE    -   4.5 CONCURRENT OPERATION OF MULTIPLE RECORDING SOFTWARE    -   4.6 SERVER-BASED PROCESSING-   5.0 APPLICATIONS    -   5.1 BROADCAST MEDIA        -   5.1.1 BROADCAST MEDIA INFRASTRUCTURE        -   5.1.2 BROADCAST MEDIA COUPON TRANSMISSION        -   5.1.3 BROADCAST MEDIA COUPON REDEMPTION            -   5.1.3.1 Password-based Internet Manual Redemption            -   5.1.3.2 Internet Automatic Redemption            -   5.1.3.3 Store Redemption        -   5.1.4 INTERACTIVE TV AUCTION        -   5.1.5 CONTENT RECORDING FOR SEARCH/REDIRECTION            -   5.1.5.1 Electronic card Hardware            -   5.1.5.2 Server Architecture            -   5.1.5.3 System Operation        -   5.1.6 BOOKMARKS FOR BROADCAST MEDIA    -   5.2 SMART E-WALLET SYSTEM        -   5.2.1 INSTALLATION        -   5.2.2 OPERATION        -   5.2.3 SECURITY    -   5.3 WEB TRANSACTIONS AND AUTHENTICATION        -   5.3.1 CREDIT CARD INFRASTRUCTURE        -   5.3.2 ON-LINE AUTHENTICATION        -   5.3.3 OFF-LINE AUTHENTICATION        -   5.3.4 PASSWORD GENERATOR        -   5.3.5 CHALLENGE-RESPONSE        -   5.3.6 CRYPTO SERVICE PROVIDER (CSP)    -   5.4 PLUG-INS        -   5.4.1 PLUG-IN SUBSERVIENT        -   5.4.2 PLUG-IN DOMINANT    -   5.5 POINTS/CASH PURCHASING MECHANISM    -   5.6 BAR CODE READER    -   5.7 CARD-TO-CARD INFORMATION EXCHANGE    -   5.8 WEBPAGE-DEPENDENT ACTIVATION    -   5.9 ELECTRONIC LOYALTY SYSTEM    -   5.10 ADDITIONAL SYNERGIES WITH VOICE-   6.0 NON-ACOUSTIC EMBODIMENTS    -   6.1 RADIO FREQUENCY (RF)    -   6.2 MAGNETIC FIELD

1.0 System Summary

One embodiment of the present invention provides for a system thatallows a user to interact with merchants and other entities via anelectronic device, such as television, radio, or personal computer, toconduct transactions of various kinds (e.g., consumer purchase ofproducts/services, security check). The transactions can involvetransmitting information of various kinds (e.g., membership information,personal information) and receiving information of various kinds (e.g.,account statements, coupons, special sales offers, other salesinformation). The user is equipped with an electronic card that canreceive and transmit data via sound waves. The interaction isaccomplished by using sound from the electronic device's speakers whenreceiving data and emitting sound from the electronic card to theelectronic device's microphone when transmitting data. In the variousembodiments, the sound waves can be audible or ultrasonic (which can beslightly audible to some groups of people).

Note that in addition to the electronic card, the client software, andthe various applications, the communications protocol itself alsocontains various unique aspects. The communications scheme can bebetween cards and between the card and the base station. The directionof the transmission can be one-way or two-way.

FIG. 1 provides a high level view of the interactive system inaccordance with one embodiment of the present invention. At the core ofthe system is an electronic card 10 (or electronic card 10). Asdiscussed in greater detail below, the electronic card 10 is a card thatcomplies with standard credit card form factor requirements whilecontaining some electronic circuitry and transducer(s) for processingdata, storing data, transmitting data, and receiving data. In someembodiments, the electronic card 10 also contains an LCD display. Thetransmitted and received data are in the form of sound waves that areeither audible or ultrasonic.

Although this embodiment requires the electronic card to adhere toISO-compliant credit card form factor specifications, other embodimentsdo not require such compliance. Indeed, other embodiments involve largeelectronic devices that contain the logic and functionality describedherein in this patent specification. Although a major advantage of theelectronic card in accordance with one embodiment is its credit cardform factor size, the spirit and scope of this patent applicationextends to any electronic device regardless of physical form factor.

In one embodiment, as illustrated in the general diagram of FIG. 1, theelectronic card 10 can be used by the user to interact with almost anyinfrastructure electronic device, so long as the infrastructureelectronic device is equipped with hardware that is not necessarilydedicated to interact with the electronic card 10 and supportingsoftware. Thus, the electronic card 10 can transmit data to a radio 11via sound waves 19 a, television 12 via sound waves 19 b, a computer 14via sound waves 19 c, and some electronic device in conventional store13 via sound waves 19 d. Of course, each of these infrastructureelectronic devices must have corresponding microphones to receive thesound waves (e.g., microphone 14 c for computer 14). In the case of theradio 11 and television 12, the electronic card 10 can emit infrared,RF, or magnetic signals, instead of sound waves if these devices do notcontain a microphone. Also, the electronic card 10 is equipped withtransmission circuitry, microprocessor circuitry, memory, and atransducer to generate the sound waves.

Conversely, the infrastructure devices can deliver data to theelectronic card 10. Thus, the electronic card 10 can receive data fromradio 11 via sound waves 19 w, television 12 via sound waves 19 x,computer 14 via sound waves 19 y, and some electronic device inconventional store 13 via sound waves 19 z. Each of these infrastructureelectronic devices must have corresponding speakers to emit the soundwaves (e.g., speakers 14 a and 14 b for computer 14). The electroniccard 10 is equipped with reception circuitry, microprocessor circuitry,memory, and a microphone to receive and process the sound waves.

When the electronic card 10 is used with a personal computer 14, othercommercial opportunities open up. For example, the user could use theelectronic card to interact with a web merchant 17 and a web portal 18via the Internet 16. Of course, the average consumer would need accessto the Internet via some Internet Service Provider (ISP) 15. Theelectronic card 10 could be used to facilitate the sales transactionbetween the web merchant 17 and the user. Furthermore, the electroniccard 10 could provide a greater sense of security to various web players(i.e., web merchants, credit card issuers, acquiring banks, consumersthemselves). These and other applications of the electronic card-basedinteractive system are detailed below.

The following is a sampling of the system specifications.

System Feature Specification Description Card transmission speedCard-to-PC: 200 bps EDAC mechanisms Bytes transmitted with parity, withon-the-fly error correction and detection Card lifespan Up to 10,000 keypresses Card dimensions 0.76 mm × 85 mm × 54 mm Robustness Sustainsbending and torsion; highly resistant to electromagnetic radiation Range1-2 feet from microphone PC Operating System Windows 95/98 SystemRequirements Pentium 100 MHz; 32 MB RAM; 1 MB free space on hard disk;sound card Browsers Internet Explorer 4.0 and higher; NetscapeCommunicator 4.0 and higher; AOL

The transmission technique is frequency shift keying (FSK), as describedin more detail below. In other embodiments, the transmission techniqueis n-ary phase shift keying (PSK). However, in contrast to the FSKtechnique where magnitude was used in the DFT banks to select the tworelevant frequency channels, nPSK relies on selecting a particularchannel for detection and then determine phase drift and offset byexamining the I and Q channels.

The spectrum of applications enabled by the electronic card is broad.From a complexity point of view, the applications may include, at oneextreme, the simple task of providing information to a web merchant orstore (i.e., “I am present.”) to a medium complexity task of automatingthe process of filling out a form and, at the other extreme, performinga complicated series of tasks involving security, context sensitivityactions, and multiple modes. For the various embodiments of the presentinvention, the applications can be grouped into seven differentcategories—(1) One-way Infrastructure-to-Card, (2) One-wayCard-to-Infrastructure, (3) Two-way, (4) Card-to-Card, (5) ClientSoftware Applications, (6) Card Distribution, and (7) Dedicated Systems.Each of these categories of applications will be described in greaterdetail below.

2.0 Frequency Range

In one embodiment of the present invention, the interactive system usesacoustic waves. Preferably, acoustic signals in the ultrasonic frequencyband are used. In one embodiment of the present invention, acousticwaves in the ultrasound frequency range will be used. Ultrasound is inthe 15-28 kHz frequency range, and typically higher. Of course, thereader should realize that ultrasound has no fixed upper limit. In thepreferred embodiment, the frequency range of 17-20 KHz has been selectedfor the ultrasonic acoustic signals. In particular, one embodiment uses17.5 kHz for one FSK frequency and 18.5 kHz for the other FSK frequency.These numbers were selected because half (for Nyquist sampling) of the44.1 KHz recording rate for CD-quality audio is 22.05 KHz. The upperlimit of 20 KHz was selected because in most sound systems, sound above20 KHz is filtered out sharply. Thus, this embodiment uses sounds in thefrequency range that can be supported by the current sound systems thatare installed in today's computer systems. In another embodiment, thesound waves can go down to 10 kHz while still retaining the benefits ofthe ultrasonic frequency signals.

Ultrasound has certain benefits over the audible frequency range. First,most people cannot hear ultrasound and when they do hear it, it is notnoticeably loud. Normally, young people can hear in sounds in thefrequency range of 0-20 kHz, adults can hear in the 0-18 kHz range, andthe older senior citizens can hear in the 0-16 kHz range. Some animals,such as dogs, can hear sounds at much higher frequencies.

Second, ultrasound is less subject to interference. Most ambient noiseis audible and audible sounds are omnidirectional. Thus, using audiblefrequencies would subject the electronic card to all sorts of unwantedinterference. As the sound is at a higher frequency range (such asultrasound), it also becomes more directional. In addition to thedirectionality, the higher frequency sounds travel shorter distances.Thus, ultrasonic noise sources, if any, need to be generally pointingdirectly at the microphone and be reasonably close to the ultrasonicelectronic card to cause any interference.

Third, the bandwidth is greater at the higher frequencies. Therefore,more information can be transmitted per unit of time. This is importantbecause the data transfer should not occur over an extended period oftime.

Fourth, to implement ultrasound, the transducers are smaller thanconventional sound transducers. Because the electronic card will complywith the major credit card standards, this small size is particularlyimportant. The smaller size transducers will take up less space and ifplaced strategically in the card, the user will be able to bend theelectronic card without any damage to the components therein.

Fifth, the ultrasonic electronic card can be used with existingnon-dedicated base station infrastructure equipment. For example, thesound device (e.g., “Sound Blaster” sound card) in a personal computersupports the ultrasound frequency band. Accordingly, with no hardwaremodifications, additions, or subtractions of any kind, the electroniccard of the present invention can interface with the existing basestation infrastructure.

When ultrasound is used, the electronic card has a range ofapproximately 1-3 feet. Other frequency ranges, such as the audiblefrequency range, provide greater distances. Thus, the particularacoustics that the electronic card uses determines the transmissiondistance. Typically, the user (and hence the card) would be fairly closeto a microphone to pick up the acoustic signals transmitted by theelectronic card. This also applies to the reception of the acousticsignals by the electronic card.

Of course, the selection of the frequency range for the acoustic signaldepends on the application. If the base station that communicates withthe acoustic electronic card is a conventional telephone, for example,audible acoustic signals should be used since filters in the telephonenetwork remove signals in the ultrasound range. Thus, in one embodiment,the electronic card emits acoustic signals in the non-ultrasonic audiblefrequency range so that it can communicate with band-limited soundsystems. In another embodiment, the particular audible frequencies thatare used are based on the DTMF system.

3.0 Electronic Card

The electronic card 10 (see FIG. 1) will now be discussed. Initially, atwo-way card will be described, followed by individual transmission andreception components. Note that some embodiments require a two-way card,while other embodiments require a transmit-only one-way card or areceive-only one-way card. In all of these embodiments, at least oneswitch that is physically activatable by the user is provided on thecard. In some embodiments, multiple switches are provided to provideadditional functionality.

3.1 Two-Way Card

A high level block diagram of a two-way electronic card will now bedescribed with respect to FIGS. 3(A) and 3(B). For one-way transmit-onlycards, the transmission portion of the two-way card is used. For one-wayreceive-only cards, the receiver portion of the two-card is used.

FIG. 3(A) shows one embodiment where a receive transducer and a separatetransmit transducer are provided. In FIG. 3(A), memory unit 30 iscoupled to processing unit 31, which is in turn coupled to receptionunit 32 and transmission unit 33. The received signals in the receptionunit 32 are provided to the processing unit 31. Also, the processingunit 31 determines what data to transmit with the transmission unit 33.The reception unit 32 is coupled to the receive transducer 36, while thetransmission unit 33 is coupled to the transmit transducer 37. A powerand switching unit that is identical to unit 24 of FIG. 2 is alsoprovided but not shown in FIG. 3(A).

In contrast, FIG. 3(B) shows another embodiment where a singletransducer is provided for both reception and transmission. Again, thememory unit 30 is coupled to the processing unit 31. The processing unit31 is coupled to an input/output unit 35. The input/output unit 35includes a reception unit 32, a transmission unit 33, and a switchabletransducer 34. The switchable transducer 34 is under the control of theprocessing unit 31 since the processing unit 31 knows when theelectronic card should transmit and receive. Any received signalsdetected by the switchable transducer 34 are provided to the receptionunit 32, while any signals that need to be transmitted are provided bythe transmission unit 33 to the switchable transducer 34.

Further details of the card's transmission and reception hardware unitswill be provided below. Also, the software in the microcontroller 31includes:

-   -   (1) transmission software    -   (2) reception software    -   (3) encryption software    -   (4) memory retrieval and storage

These four parts of the card's software will be discussed further below.

3.2 Card Transmission Hardware

The transmission hardware will now be discussed. In particular, thetransmission hardware will be discussed in the context of a one-waytransmit-only electronic card 10 as shown in FIG. 2. The electronic card10 is essentially a portable device with a processing unit 21, memoryunit 22, output unit 23, and power and switching unit 24. The processingunit 21 provides the computation and control necessary for operatingsystem functionality, cryptography, communication, memory management,and code updates. This unit comprises a dedicated chip microcontroller,DSP functionality, a smartcard chip, and a bus system. Preferably, theprocessing unit used has sufficient power (a few MIPS), and includessome on-chip or off-chip memory for storing and/or generating acryptographic signature. A Microchip 12C508, 12C672 or higher processingunit is preferred. In one embodiment, a Microchip PIC16F84 is used whichuses an on-chip EEPROM.

Preferably, the microcontroller should satisfy the followingrequirements:

-   (1) working voltage of 2.2 V depending on the battery. Although 2.2    V is adequate for standard batteries, 2.0 V is preferable. A voltage    of 3.0 V also works.-   (2) low supply current of approximately 2 mA-   (3) MIPS: at least 0.5-   (4) Program memory of 2 KBytes, although 2 K instructions is    preferable-   (5) EEPROM of 8 Bytes-   (6) Data memory of 100 Bytes (although the Microchip PIC16F84 has 68    Bytes)-   (7) Timer is desirable-   (8) RC input for clock source in one embodiment, but an external    frequency source can be used for some ASIC implementations-   (9) Die-   (10) Temperature tolerance of 0-50 degrees Celsius for working    conditions and −10 to 70 degrees Celsius for storage-   (11) Watchdog functionality to add reliability to the    microcontroller (resets the microcontroller if it starts to    malfunction)-   (12) I/O: at least 4 I/O pins are needed with 2 spares.-   (13) Sleep mode for reducing current after card operation has been    executed-   (14) Low cost

The memory unit 22 is used to store data relevant for the card user. Thememory unit 22 comprises read only memory (ROM), random access memory(which may also be incorporated in the processing unit 21), and anEEPROM to permanently store externally received data. Specifically, thememory unit can contain data for security encryption, personal details,electronic coupons, and upgradeable software. In one embodiment, thememory unit 22 is a non-volatile memory. The digital ID stored thereinis 8 bits long in one embodiment and after encryption, it becomes 32bits (for main digital ID bits, checksum, CRC, header, etc.).

The output unit 23 physically creates the transmitted signal. It ispreferably made from a metal plate with a piezo material (e.g., piezoceramic material with a small thin metal plate) on it. Being very thin,these transducers produce the required intensity at the ultrasonicfrequencies. It also comprises driver circuitry and amplificationcircuitry connected between it and the processing unit 21.

The power and switching unit 24 comprises a very thin battery withenough capacity and drain ability, or with recharge capabilities. Aswitch is provided for turning the card on or off and for changingstates (or modes) of the card. Aside from a mechanical switch, theprocessing unit can also automatically turn the power and switching unit24 off. The card may be programmed so that the system wakes up at theoccurrence of certain wake-up events. Power supply amplification andfiltration are also provided.

Referring now to FIGS. 7-10, a detailed low level description of theone-way card will now be provided. FIG. 7 shows the Microchip PIC16F84microcontroller and surrounding circuitry. The processor is a PIC 16F84,which is fast and contains on-chip data EEPROM. The PIC 16F84 alsoprovides for three options to provide the clock source—(1) externalcrystal oscillator, (2) external oscillator circuit, and (3) external RCcircuit. Because of the size constraint of the electronic card, acrystal clock source could not be used. Also, an external oscillatorcircuit, while feasible, contains too many components. Accordingly, anRC circuit (R2 and C2) is provided at the OSC1/CLKIN input. With theparticular values shown in FIG. 7, the clock frequency selected is 4MHz. Reset is provided at the MCLR input.

At the VDD input, the microcontroller is coupled to Vdd3, capacitor C1,and VDD−. The power supply, which is discussed later in conjunction withFIG. 9, provides 2-3 volts. The microcontroller however needs 4-6 voltsthe transmission circuitry and also because the microcontroller canoperate faster with higher input voltage. A voltage doubler circuit ofFIG. 8 provides the doubling needed to effectively operate themicrocontroller.

The RA0 pin is used as an output pin. The voltage provided at this pinmirrors the voltage doubled input VDD− and is also provided to the powerand switch unit which is described below in FIG. 9. Essentially, the RA0prevents the operation of the electronic card during transient states(turning on or turning off).

The output at RB1 is coupled to buzzer LS1, which generates the acousticsignal. In one embodiment, this buzzer is an FT12-T.

Pins RB5-RB7 are used for programming and testing the microcontroller.In addition, the electronic card connector of FIG. 10 is used forprogramming and debugging.

The voltage doubler circuit will now be described with respect to FIG.8. The voltage doubler is a high efficiency device. A charge pump schemeis used because of the big physical size of the needed inductors inother schemes. However, in other embodiments, the use of such inductorsis feasible in the credit card-sized electronic card 10 of FIG. 1. TheMaxim voltage converter MAX861 takes as its input at Vdd and outputs adoubled voltage VDD− at pin Out. The VDD− is provided to the VDD inputof the microcontroller in FIG. 7. The additional circuitry of C4, C5,and Motorola diode MBRO503T1 provides protection to the chip fromovervoltage at the input Vdd. The power and switching circuit will nowbe described with respect to FIG. 9.

The power source is a Varta LPF25 battery which is small, has lowcurrent drain, and provides just enough voltage for the rest of thecard's circuits. In one embodiment, it outputs 2-3 volts.

A switch SW1 is provided. The switch is used by the user to enable thetransmission of data in the electronic card. The user should keep theswitch pressed for as long as the transmission requires, which isusually a short period of time since the data transmission is relativelyfast at 200 bits per second. However, sufficient protection circuitry isprovided so that if the user releases the switch prematurely, the properoperational voltage is delivered to the processor so that the data canbe transmitted without fail. When the switch SW1 is pressed, transistorsQ1 (Fairchild Semiconductor MMBT2907A) and Q2 (Fairchild SemiconductorMMBT2222A) provides a smart switch function. After turning on, thesetransistors Q1 and Q2 are turned off by the Microchip processor of FIG.7. Transistor Q1 passes the voltage from the battery to the voltagedoubler circuit of FIG. 8 as voltage Vdd1. The capacitors C9 and C10allow for the power to ramp up smoothly and to hold the Vdd1 voltage forsome time period. The transistor Q2 receives a digital command from theprocessor and shifts voltage levels for transistor Q1 as needed. Thediscrete bipolar transistors are used because of their low leakagecurrent, which can be as low as a few nAmps.

The combination of Q1, Q2, micro power voltage reference. D2 (NationalSemiconductor LM385-2.5/SO), and their resistors are provided to confirmthe validity of the signal. This circuit ensures that any signal above 4volts from the processor via RA0 will deliver power to the power andswitching circuit for its effective operation. However, any signal below3 volts will be ignored so that latch-up of the circuit will beprevented during transient states (turning off or turning on). Thiscircuit consumes less than 10 nA in the off state. An alternativecircuitry for the LM385-2.5 can be a reset supervisor which will resetthe microcontroller when the voltage drops below the allowed threshold.Such IC's can be the equivalent of MAX821 or MAX6326.

An electronic card connector J1 is also provided as shown in FIG. 10.The electronic card connector is used to program, test, and debug theelectronic card. In alternative embodiments, however, the electroniccard connector is not provided. Instead, the electronic card isprogrammed by the manufacturer of the microcontroller. In anotherembodiment, the card is programmed using the electronic card connectorand then the circuits including the electronic card connector arelaminated over with suitable material, including printed PVC.

An alternative embodiment of the card transmission hardware provides fortwo added benefits—lower power consumption and greater power output.With the lower power consumption, battery life is extended. With thegreater power output, reliability is increased with lower bit errorrate. A high level block diagram of this alternative embodiment is shownin FIG. 17.

In FIG. 17, a battery 190 is provided. This battery supplies 2-3 voltsnominal voltage. In one embodiment, the battery is a single Varta LPF-25battery that provides 2.7V nominal at 1 mA discharge (25 mAH).

A mechanical switch 191 provides the circuit connection when it isclosed. In one embodiment, the mechanical switch is a dome switch. Asilicon switch 192 is also provided for maintaining power after the userhas activated the mechanical switch 191. The silicon switch 192 makessure that the rest of the transmission circuitry in the card has enoughpower to function properly for a period of time after the user hasactivated the mechanical switch 191 in the event that the user lifts themechanical switch 191 prematurely.

A voltage regulator 193 is coupled to the battery 190 via the mechanicalswitch 191 and the silicon switch 192. The voltage regulator 193stabilizes the frequency of the microprocessor 194 and lowers thecurrent consumption of the battery 190. The voltage regulator 193 is anLDO with low decoupling capacitors and low current. The output voltageis 2.2V. This IC can also be omitted in expanse to a lesser frequencystability. The voltage is provided to the microprocessor 194, which inone embodiment is a Microchip PIC 16F84. An electronic card connector197 allows for the microprocessor 194 to be programmed. Additionalcontacts are provided for factory testing and debugging.

A voltage multiplier and driver 195 receives signals from themicroprocessor 194 and provides an output at 6Vpp to the transducer 196.An alternative circuit can double the battery voltage to 5Vpp, withfewer components. The voltage multiplier and driver 195 doubles theinput voltage to generate a square of the power out. At the very least,the transducer needs twice the battery voltage to be driven. Thetransducer 196 exhibits approximately 5 nF of capacitance.

In contrast to the above embodiment where a single channel is used totransmit either f0 or f1 for this FSK scheme, two channels can beimplemented to increase the bit rate. In one embodiment, the twofrequencies to be transmitted are summed in the electronic card wherethe single transducer transmits the summed signal to the PC. In anotherembodiment, each frequency to be transmitted is associated with atransducer in the electronic card, where after being transmitted, thetransmission medium (e.g., air) adds the two frequency components beforebeing received by the PC. In a further embodiment, one transducer isassociated with frequencies f1 and f2, while another transducer isassociated with f3 and f4. At any moment in time during a transmission,each transducer transmits one bit so that the electronic card with twotransducer essentially transmits two bits at the same time.

Accidental activation of the TX switch in the electronic card canpotentially drain the power from the battery supply unless appropriatesafeguards are taken. In one embodiment, circuitry is provided such thatif the switch is pressed for more than a threshold amount of time (e.g.,1 sec), then the electronic card will turn itself off. No transmissionwill be possible unless the switch is deactivated first. In anotherembodiment, the microprocessor is programmed with a time-out logic sothat if the TX is pressed for more than a threshold amount of time, thenthe microprocessor unit will turn off the power.

3.3 Card Transmission Software

The software in the electronic card primarily performs the followingroutines:

-   -   (1) read data (e.g., ID, sync byte) from memory    -   (2) write data (e.g., increment counter value) to memory    -   (3) perform DES3 encryption to calculate Series    -   (4) calculate checksum    -   (5) beep audible feedback to user    -   (6) initialization    -   (7) transmit data    -   (8) receive data

These and other related features of the card software will be describedfurther below.

3.3.1 Data Stream

The software for the card resides in the microcontroller and is writtenin Assembly language. On activation of the card (i.e., press of theswitch), the card transmits a data stream that comprises a header, data,a footer, and start/stop bits. The header, footer, and start/stop bitsare fixed. However, the software calculates the data portion.

Referring now to FIG. 5(A), the data stream includes f0 (approximately100 msec long or 24 bits), f1 (approximately 20 msec long or 5 bits), asynchronization byte, a known byte, the data portion (96 bits), and achecksum (CRC) byte. The portion of the data stream beginning with thesynchronization byte to the checksum byte is divided up into bytes ofdata with start and stop bits inserted between the bytes. Thus, at thebeginning of a byte is a start bit (e.g., logic 1) and the end of thatsame byte is a stop bit (e.g., logic 0).

The f0 and f1 portions of the data stream represent the two FSKfrequencies employed by the system. The f0 and f1 portions are puresinusoids of the base FSK frequencies and are transmitted first to allowthe receiver to enable detection.

The sync byte is a sequence of alternating bits with some pattern (e.g.,01010101) that enables synchronization of the receiver with the receiveddata stream. The known byte is a byte known to both the receiver andtransmitter of the system. It assures the receiver that this signal isindeed a signal and not noise.

The data portion is the major part of the data stream where each bit istranslated to a wave of frequency f0 or frequency f1 with a length of Tmsecs that determine the raw bit rate. The discussion below details howone embodiment calculates the data portion, which is denoted by thevariable DataOut. In other embodiments, DataOut is calculateddifferently and can be any desired length depending on the functionalitydesired by the press of the TX switch.

The checksum (CRC Code 32) byte is transmitted to ensure no errors inthe received data stream. Also, as mentioned above, start/stop bits areinserted into the portion of the data stream beginning with thesynchronization byte to the checksum byte. This portion is divided upinto bytes of data. Start and stop bits are inserted between the bytes.Thus, at the beginning of a byte is a start bit (e.g., logic 1) and theend of that same byte is a stop bit (e.g., logic 0). The start and stopbits are utilized for resynchronization. Because of the clock source inthe card has errors, the transmitted signal drifts in frequency whichresults in missing a sampling point (or sampling the wrong point). Theresynchronization provides for this correction.

Returning now to the data portion of the data stream, the software makesuse of certain algorithms along with some numerical attributes of thecard. Each card is associated with a group ID, individual ID, and a key.The group ID identifies this card with other similarly situated cards;that is, if ABC Corporation distributed the card to its members, thecard would have ABC Corporation's group ID number. All cards distributedby XYZ Inc.'s web portal would be associated XYZ's group ID number. Theindividual ID is essentially the card's serial number and is unique tothat card. The key is a secret private key. Note that the terms“private/public key” are from asymmetric crypto systems, but in thecurrent embodiment, only one key is used and is usually referred to inthe literature as “the key” or “the secret key”. The microcontrolleralso manages a counter in non-volatile memory, which in one embodiment,increments by one each time the card's TX switch is pressed. In oneembodiment, the size of these card numerical attributes are:

Group ID: 32 bits

Individual ID: 32 bits (in another embodiment, 16 bits)

Key: 16 Bytes

Counter: 32 bits

Based on these numerical attributes, the microcontroller in the cardcreates a complex numeric series that is not easy to predict. Onepreferred series is:

Series=DES3(Key, Msg), where Msg=[Group ID, Counter]

DES3 represents the Data Encryption Standard (DES) cryptographicalgorithm as defined by the U.S. Bureau of Standards (FIPS PUB 46-2,1993 and FIPS PUB 74, 1981). Msg is the concatenation of the 32-bitGroup ID and the 32 bit Counter value, which results in a 64-bit number.The Series is a 64-bit number. The microcontroller employs the algorithmin the encryption portion of the software to calculate this Series.However, what is actually transmitted for the data portion of the signalis:

DataOut=[Series, Individual ID]

Here, DataOut represents the concatenation of the 64-bit Series which isa DES3 encrypted number and the unencrypted 32-bit Individual ID, whichresults in a 96-bit number. On every activation of the card, the counteris incremented and the next code in the series is used.

In an alternative embodiment, security can be assured by storingidentical sets of random numbers both on a memory unit in the card, andon the authentication server. That random number takes the place of theDES3 encrypted number element of the DataOut series described above. Theadvantages of such an embodiment are twofold. First, it clearsprocessing resources on the card, or reduces the complexity of theprocessor needed, since the encryption algorithm no longer is practiced.Also, theoretically, a random number scheme is virtually impossible todecrypt.

3.3.2 Transmission Routine

A high level description of the transmission routine in the electroniccard will now be provided with respect to FIG. 6(A). The transmissionroutine begins at step 50. At step 51, the parameters Known Byte, SyncByte, Series, Individual ID, and Checksum are placed in the send buffer.To perform this step, some of these parameters are either retrieved frommemory (Known Byte, Sync Byte, Individual ID, checksum, and also thecounter value) as well as calculated (Series). Step 52 requires that thebase frequencies f0 and f1 in FSK are selected. Step 53 transmits thedata. The transmission routine ends at step 54.

FIG. 6(B) illustrates a more detailed flowchart of the transmissionprocess. This flowchart provides more details for steps 51 and 53 of theFIG. 6(A). The flowchart begins at step 60. At step 61, themicrocontroller reads the counter value. At step 62, the microcontrollercalculates the Series based on the Key and the Msg, as described above.For each press of the TX switch, the microcontroller increments thecounter value by one. At step 63, the microcontroller determines DataOutas the concatenation of the encrypted Series and the unencryptedIndividual ID. Having calculated the data portion of the data stream,the microcontroller is now ready to transmit the data stream.

At step 64, the microcontroller transmits f0 for approximately 120 ms(or 24 bits) and f1 for approximately 20 ms (or 5 bits). At step 65, thestart bit (logic 1) is transmitted. A byte of a portion of the datastream beginning with the synchronization byte and ending with the CRCbytes are then transmitted at step 66. The stop bit is transmitted atstep 67. If any more data from the sync byte . . . CRC portion of thedata stream is remaining, then the microcontroller goes back up to step65 to transmit the start bit. It then transmits another byte of data,followed by the stop bit. If no more data is remaining to betransmitted, the process ends at step 69.

After the data has been transmitted, the card turns itself off toconserve battery power. In another embodiment, the card goes intoreceive mode for a few seconds after the transmission steps inanticipation of receiving data. Thereafter, the card turns itself off toconserve power. In still another embodiment, the card provides anaudible feedback (e.g., beep) to alert the user that the data has beensuccessfully transmitted. Some delay is provided after the beep tocompensate for the case where the CPU turns off the power before theuser lifts his finger off the switch. Then, the card turns itself off,or alternatively, goes into receive mode followed by power off.

Note that the system uses FSK to transmit the signals. In oneembodiment, the system is capable of being modified so that the basefrequencies (f0 and f1) are adjustable. This modification can occur inrealtime and in automated fashion to ensure that the receiver receives agood signal. Similarly, automatic retransmission is also provided as afeature of the electronic card. For example, if the user presses theswitch on the card longer than expected, this may imply that thetransmission is bad because the user did not see the appropriateresponse from the PC (e.g., an audible beep from the PC to indicate thatthe signal was properly received). In this case, the card will, aftersome delay, retransmit the data stream possibly using a different set ofFSK frequencies.

Some other design considerations should be taken into account. Theprogram code necessary to execute the above process is relatively smallto fit into the small microcontroller. The timing is very exact so asnot to introduce errors and audible noise to the communication. Since alow cost processor is used (e.g., Microchip PIC16F84), PWM or DTOA unitsare not available; therefore, the digital output pins of the processorwill be used for transmitting the signal.

In one embodiment, the bit rate for the transmitted data is 200-600 bitsper second.

3.3.3 Multi-Mode Switch

In accordance with one embodiment of the present invention, theelectronic card contains one switch. To provide multiple functionalityfor the electronic card (and the client base station, such as a personalcomputer), the electronic card is equipped with multiple modes. Eachmode is associated with some unique function apart from the other modes.In one embodiment, the mode of the card depends on the length of timethat the switch is pressed by the user. To assist the user indetermining what mode he has invoked, or conversely, how long he haspressed the switch, an audible feedback such as a beep sound isgenerated by the electronic card. Thus, for every T seconds that theswitch is pressed, a single audible beep is generated. In oneembodiment, T is 0.25 seconds. A single beep indicates that theelectronic card is in one mode, while two beeps indicate that theelectronic card is in another mode.

Referring to FIG. 28, a state diagram is provided. At state 280, theelectronic card is turned off. So long as the switch is not pressed, theelectronic card is not operating.

When the switch is pressed, the power of the card is turned on. This isrepresented by state 281. The card may require the switch to be pressedfor some minimum amount of time before it is recognized as a validswitch press. In one embodiment, this minimum amount of time is 0.25seconds. When the switch is pressed for this minimum amount of time, theelectronic card will provide an audible beep every T seconds (e.g., 0.25seconds) so long as the switch is depressed. The number of beepsindicates to the user the mode of the electronic card. Of course, theuser would already know what mode he wants to place the electronic cardin and he holds down the switch until the desired number of beeps isproduced.

When the user finally releases the switch, the number of beeps istemporarily stored in memory in the electronic card in state 282. Thisbeep number can then be used by the electronic card to perform itsfunction in accordance with the mode selected by the user.Alternatively, the number of beeps along with the card authenticationdata (e.g., Series, checksum, Individual ID) are transmitted to theclient base station. The client base station can then receive the numberof beeps and interprets the mode of the communication. At state 283, theCPU in the electronic card turns off the power to conserve batterypower.

Some exemplary modes are as follows. A single beep indicates that theelectronic card is in transmit mode. Whatever data that needs to betransmitted will be transmitted shortly. After the data has beentransmitted, the electronic card turns itself off. In anotherembodiment, a reception period (e.g., 1 second) follows immediatelyafter the transmission of data. This is then followed by power off.

A double beep indicates that the electronic card is in receive mode onlyfor a short time period. In another embodiment, the electronic cardsends the two beep indication to the client base station. The softwarein the client base station interprets the two beep indication asdisplaying a drop-down menu list of actions. The user can then selectone of the listed actions. In one embodiment, these listed actions canbe: (1) launch the browser, (2) launch the browser, if it is not alreadylaunched, and go to the user's designated home page (or the home page ofthe company sponsoring the electronic card); (3) launch the browser, ifit is not already launched, and go to some designated website; (4)launch the user's email application, if it has not already beenlaunched; (5) send email in the user's outbox and receive email from theuser's mail server; (6) perform simple diagnostics by sending data tothe electronic card, followed by receiving some data from the electroniccard; and (7) perform any other series of actions (predefined orassigned by the user).

In another embodiment, the list of actions that are displayed on theclient base station's monitor is context-sensitive. Thus, if the user'sbrowser is already opened and displays the home page, one of the actionslisted will not be to launch the web browser and go to the user's homepage. Typically, one of the actions listed will be to fill out a form.So, if a user was shopping on the web and found some merchandise hewould like to purchase, he proceeds to the checkout line on the websitewhere he encounters a form. The user presses the switch on hiselectronic card and waits for two beeps to sound before releasing theswitch. The client base station receives the two-beep indication andproceeds to list action items in menu form. One of the action items isto “fill out a form.” When the user selects this action on the list, theclient base station proceeds to fill out the form on that web page toautomate the purchasing process for the user. The client base stationwould have all the information necessary to fill out such a simplepurchase form—name, billing address, shipping address, phone number,credit card number, credit card expiration date, etc. Once this form hasbeen filled out, the user can use the browser in the conventional mannerto complete the sales transaction. Form filling functionality detailsare provided below.

In another embodiment, three beeps indicate that the electronic cardshould reset. Similarly, three beeps could indicate that the electroniccard should erase the contents of its battery backed-up RAM. If the RAMis used to store downloaded data off the Internet or some broadcastmedia device (e.g., TV or radio), this data is then erased.

In a further embodiment, a text-to-speech conversion feature is providedin the electronic card. An audio file is also stored in the electroniccard. Each audio file is associated with one of the beep numbers; thatis, an audio file is associated with a single beep and another audiofile is associated with two beeps. Thus, the user need not remember whatfunction corresponds to how many beeps. When the user has released theswitch after N number of beeps, the electronic card plays the audioassociated with the N beeps. For example, if the user selected twobeeps, the played audio file says, “On-screen menu? One beep for YES andtwo beeps for NO.” If the user did indeed want an on-screen menu list ofactions to be displayed on the client base station monitor, he wouldpress the electronic card switch until one beep sounds. Otherwise, hewould press the switch until two beeps sound.

As described above, the electronic card can have one switch or multipleswitches. Similarly, the audible feedback can vary from a single beep tomultiple beeps. Based on the context or the action taken by the user,the audible feedback or alert can have different sounds (e.g., beep,buzz, ring). Additionally, the audible sound can be provided at thebeginning or at the end of the action taken by the user. In other words,to use the example above, the beep can sound at the beginning of every Tseconds instead of at the expiration of every T seconds.

One attractive application of either a multi-mode switch or of multipleswitches on a single card relates to using the same card at basestations with diverse reception/transmission capabilities. For example,certain base stations, such as ordinary phones in a “Plain OldTelephone” (“POTS”) network, are capable of receiving and passing onsounds in the audible, but not in the ultrasonic range. Where it isdesirable to have a single card use audible transmissions in thatenvironment, but ultrasound in other environments, a multiple switch ormulti-mode switch as described above can be used. Specifically, in amultimode embodiment, a single press of the switch would activate anultrasonic transmission terminated by an audible beep for user feedback.A longer press could result in (i) either the ultrasonic transmission ora simple pause, followed by (ii) either a terminating “beep” for userfeedback or none; and (iii) by an audible transmission for use over thephone or another similarly limited device.

There are a number of examples of the types of cards that would beattractive when implemented as cards tailored for use with highlyfunctional acoustic base stations like computers or base stations thatare more acoustically limited. For example, when implemented as a creditcard, this multimode card would offer the cardholder the security ofknowing that even a customer service representative does not get accessto their credit card number, since it will sound like modem noise, whichis actually transmitting a one-time code that cannot be reused(Described below). Just a few examples include frequent flyer or loyaltycards that can be used on the phone or via an Internet computer toaccrue or spend points, car reservation services, and membership cardsof all sorts.

3.4 Card Reception Hardware

The reception unit 32 will now be described in greater detail withrespect to FIGS. 4(A) and 4(B). The primary objective of the analogfront end of the reception unit is to detect the transducer's responseto audio signals, amplify the transduced signals, filter them, and passthem to the microcontroller's A/D for digital processing. FIG. 4(A)shows a transducer 40 receiving the audio signal, transducing theacoustic signal to an electrical signal such as a voltage change, anddelivering the transduced electrical signal to a pre-amplifier 41. Thetransduced electrical signal is at level of tens of microvolts (e.g., 10microvolts).

The pre-amplifier 41 is a high impedance amplifier that amplifies thetransduced electrical signal. It amplifies the signal 100 or 200 timesthe input. Thus, the output of the pre-amplifier 41 is at 1,000microvolts or 1 mV. The pre-amplifier 41 then sends the amplified signalto a band pass filter 42.

The bandpass filter 42 is a filter with a Q of approximately 8 to filterthe signal. In one embodiment, it passes signals in the 17-20 kHz rangefor the ultrasonic frequencies. A high pass filter is also provided ontop of the bandpass filter to further attenuate speech. The design ofthe bandpass filter 42 accounts for the limited gain margin of theop-amps at the center frequency. The classic computation of Q shouldalso be altered for compensation. The bandpass filter 42 passes thefiltered signal to an automatic gain control (AGC) circuit 43, whichthen delivers the signal to the microcontroller 44.

The combination of the pre-amplifier 41 and the bandpass filter 42 usesa non-inverting MFBF scheme as a compromise to obtain the high Q andhigh input impedance. The pre-amplifier 41 needs a high input impedance,but the bandpass filter 42 with a high Q has very low input impedance.The gain in the lower frequency ranges is 1 (instead of decaying in 20dB/dec), but this still leaves more than 40 dB of attenuation comparedto the center frequency. The next blocks with the high pass filter (seeFIG. 4(B)) deal with the further attenuation at lower frequencies.

The AGC circuit 43 will now be discussed with respect to FIG. 4(B). TheAGC 43 keeps a fixed level of amplitude on the microcontroller's inputand is located after the bandpass filter 42 to maintain a stable output(i.e., low phase shifts inside the AGC loop). The output of the AGC 43is a frequency shift keying (FSK) signal. In one embodiment, the dynamicrange of the AGC 43 should be approximately 40 dB. Also, the AGC 43works with low current and low voltages (e.g., 2 volts) with lowamplitude variance at the output (input to the microcontroller 44). Themicrocontroller 44 determines whether the FSK signal is a signal at onefrequency f0 or another frequency f1.

In the AGC 43, the signal at the output of the band pass filter 42 isprovided to a divider 45, which outputs a signal at a relativelyconstant amplitude and low level. This signal is delivered to a gain andhigh pass filter circuit 46. The gain circuit is a constant gainamplifier with a fixed gain of approximately 300 dB determined mainly bethe feedback resistors ratio. The input of this block is approximately3.3 mVp-p and the output is approximately 1 Vp-p. This gain is largecompared to the amplifier's open loop gain, and the amplifier has arelatively small gain margin at the desired frequency. This results in areduced gain (compared to the lower frequency with the same resistorsratio), and a phase shift. However, the signal is not distorted. Thehigh pass filter portion of the circuit 46 is realized by adding acapacitor to the feedback resistors. This high pass filter furtherattenuates speech frequencies. The output of the gain and high passfilter 46 is provided to the microcontroller 44 for further processing.

An amplitude estimator 47 is placed in a feedback loop from the outputof the gain and high pass filter 46 to the input of the divider 45. Theamplitude estimator 47 comprises two low end op-amps—an absolute valueblock and an integrator. The absolute value block estimates the outputsignal's amplitude. Other circuits (e.g., peak detector) may also beconsidered. The integrator locks the output amplitude on a predeterminedvalue. This value is determined by the ratio of the resistors of theintegrator. The gain of this integrator is determined by themultiplication of the feedback capacitor and the input resistor. Thisfactor controls the speed of the loop and the ripple on the AGC's FET(the ripple is reduced by a LPF network after the integrator).

A tradeoff exists between the speed of the integrator and the signaldistortion. When the gain is low, the FET receives a well-filteredsignal that allows fine-tuning of the FET's resistance. When the gain ishigh, the output signal's final amplitude is reached quickly, but thesignal will be distorted because of the fluctuations on the FET's gate.When Vgs/Vt is approximately 1, small fluctuations in Vgs result inlarge fluctuations in the FET's resistance. The ripple on the FET's gateis approximately 2 mV, based on a simulation.

Another tradeoff is between the time of settling and the finalamplitude. The microcontroller prefers to have the largest amplitudepossible (Vcc peak-to-peak). However, the integrator needs a spare ofoutput amplitude in order to manufacture faster the error voltage forthe FET. For now, the output signal is about a quarter (¼) of the Vcc.

The constraints on the system include:

-   (1) low IC count-   (2) low passive components count-   (3) low current drain (<2 mA, not including the microcontroller)-   (4) power supply is 4-6 volts, although the design works with 2-3    volts power supply with voltage multiplier circuitry-   (5) low cost-   (6) working temperature of 0-45 degrees Celsius-   (7) robustness of design over device tolerances-   (8) low noise level at the output-   (9) input signal is tens of microvolts.

A more detailed view of the receiver in a two-way configuration isprovided in FIGS. 18 and 19. FIG. 18 shows the analog front end and FIG.19 shows the microcontroller unit. In FIG. 18, the power on switch block198 d provides for the batteries, where in this embodiment, two Vartabatteries BT1 and BT2 are installed. These batteries provide power tothe rest of the circuit via the switch SW1. The remainder of thecircuitry provides for signal shaping and signal holding in a mannersimilar to the circuit of FIG. 9.

The transducer switch block 198 a provides for both transmission andreception front end capabilities. The AnalogOn allows for the selectionof input/output. The signal that should be transmitted is present onDigitalOut to pin 2 of the PI5A319A chip. If the transducer switch block198 a is in transmit mode, the signal is provided on pin 1 of thePI5A319A chip to the transducer pad TP1. If the transducer switch block198 a is in receive mode, the signal is provided to pin 1 of thePI5A319A chip from the transducer pad TP1. The received signal is thenrouted to pin 8 of the PI5A319A chip. The portion of the transducerswitch block 198 a that is associated with TP2 provides for noiseimmunity.

The received signal makes its way to the preamplifier and bandpassfilter block 198 b. After amplification and filtering, the receivedsignal is provided to the high pass filter and AGC block 198 c. Thebeginning portion of the circuit from resistor R2 to capacitor C7provides for the divider function. The next portion of the circuitprovides for the AGC function to generate the fixed amplitude. Thebottom portion of the circuit provides for amplitude estimation. Theprocessed signal is then provided to the microcontroller (e.g.,Microchip PIC16F877 in a TQFP package) via Analogin.

The Vcc block 198 e and Vref block 198 f provide for the appropriate Vccand Vref voltage sources that are used throughout the analog front endcircuits. The additional circuitry 198 g round out the analog front end.

FIG. 19 provides the pinouts and circuitry surrounding the digital coreof the electronic card. The microcontroller/microprocessor 199 a used inthis embodiment is a Microchip PIC16F877 in a TQFP package. Analogin isthe received signal to be processed. Conversely, DigitalOut is digitalsignal to be transmitted out of the card. The additional components likethe connectors 199 b and test point block 199 c allow for programmingand debugging of the microprocessor 199 a.

Additional embodiments use different techniques for decoding thereceived signal in the electronic card. In one embodiment, a hardwarephase-locked loop technique is employed. Referring to FIG. 40,transducer 400 receives the acoustic signal and makes the appropriatevoltage conversions. The bandpass filter portion of unit 401 filters thesignal in order to attenuate speech (or noise) signals. The preamplifierportion of unit 401 amplifies the signal to a minimum amplitude of a fewmilli-Volts. At this amplitude, most PLLs can lock onto the inputsignal. An AGC block 404 can be realized before the PLL 402 to increasethe SNR.

In this embodiment, the PLL 402 is an XR215, XR2211, LMC568, or thelike. The PLL 402 demodulates the audio signal as known to thoseordinarily skilled in the art. The output of the PLL 402 can be adigital square wave of the decoded FSK signal. Alternatively, the outputcan be an analog voltage whose level is correlated to the input signalfrequency. The microprocessor unit 403 accepts either of these forms ofsignals for further processing.

In another embodiment, software PLL/FLL decoding technique is employedto implement the locking of the input signal. Referring now to FIG. 41,the transducer 410 receives the acoustic signal and provides thenecessary conversions. The bandpass filter portion of unit 411 filtersthe signal in order to attenuate speech (or noise) signals. Thepreamplifier portion of unit 411 amplifies the signal to a minimumamplitude of a few milli-Volts. The hard limiter block 412 produces asquare wave from the analog output. The microprocessor unit 413 usesthis digital input signal to implement the decoding. To increase theSNR, an AGC block 414, under the control of the microprocessor unit 413,can be realized before the hard limiter block 412.

In another embodiment, a mixer is used for baseband processing.Referring to FIG. 42, the components are similar to the above twoembodiments corresponding to FIGS. 40 and 41 with the exception of amixer 422. In this technique, the mixer 422 shifts the ultrasonicacoustic signal from around 20 kHz to baseband. Baseband processing ismuch easier to implement. An exemplary decoding method is squaring theanalog output and processing the digital data. Another equallyapplicable method is conventional DSP algorithms for processing analogdata.

3.5 Card Reception Software

The goal of the receiver, whether hardware or software, is to detect anddecode the FSK signal in real-time in a very simple processor with anerroneous clock. The receiver hardware received the acoustic signal,transduced it to an electrical signal, amplified it, and cleaned itbefore presenting it to the microcontroller. The receiver software inthe microcontroller then processes the cleaned-up analog signal andattempts to decode it to extract the actual data therein.

The data stream transmitted by a base station (e.g., PC) comprises aheader, data, a footer, and start/stop bits therein. The header, footer,and start/stop bits are fixed. The footer includes the checksum (CRC)byte. Referring to FIG. 5(B), the header includes an energy detector bit(1 bit) which includes contributions from two frequencies(sin(2*pi*f0*t)+sin(2*pi*f1*t)), a pure sinusoid with frequency(f0+f1)/2 (3 bits), a pure sinusoid with frequency f0 (3 bits), a puresinusoid with frequency f1 (3 bits), and a known byte.

The data portion includes the actual data that the base station istrying to deliver to the card. This includes instructions, flags, andpure data for storage (e.g., coupons). The length of the data portionvaries from one application to another.

Like the card-to-PC transmissions, start and stop bits are also used forthis PC-to-card transmissions for resynchronization. The portion of thedata stream from the known byte to the CRC byte is divided into bytes.Each byte is preceded by a start bit (logic 1) and appended by a stopbit (logic 0).

Referring to FIG. 12, the receiver downsamples the signal so that itcould handle the otherwise large number of computations in real-time.This downsampling can be achieved in hardware with a bandpass filter andan analog-to-digital (A/D) converter 120. For example, if the signalsare between 18 kHz and 20 kHz, this portion of the spectrum can beprefiltered with the bandpass filter and then sampled at approximately 5kHz (or 4900 Hz which is CD audio quality 44.1 kHz divided bydownsampling factor 9). After the sampling, the signal will have movedto the 0-2 kHz band.

The energy detector 121 in the software then looks for a sharp rise inthe signal energy. This energy detector 121 is used to determine whetheran actual signal is present for processing. This can be accomplished byaveraging the absolute power of the first bit (energy detector bit inFIG. 5(B)) of the received signal using a first order ER filter of theform:

y[n]=a*abs(x[n])+(1−a)*y[n], where 0<a<1 and x[n] is the input signal

As mentioned previously, the signal comprising the energy detector bitis the addition of two sinusoids, where one sinusoid is at frequency f0and the other sinusoid is at frequency f1. The reason why both FSK basefrequencies are used is because there's a chance that one or the otherfrequency component will be DC after aliasing from the downsamplingoperation. If so, the high pass filter will remove it and the energydetector 121 will miss the beginning of the signal.

The receiver software samples one point. If the energy detector detectsa high enough signal, then it's a signal. If not, the energy detectorexamines the next sample.

The next two blocks 122 and 123 correct for the card's clock errors. Incontrast to the clock source in the card, the PC's clock source is moreprecise. Thus, the PC sends a constant and known frequency for the cardto lock onto. The algorithm used by the card is a Least Mean Squared(LMS) on the following equation.

Any sine wave of the form x[n]=A*sin(2*pi*f0*n+phi) satisfies thedifference equation:

x[n+1]*cos(2*pi*f0)=(x[n]+x[n+2])/2, for every n

Most notable about this difference equation is that it is second order,with at least one unknown parameter, b=cos(2*pi*f0), which can beinterpreted as an unknown multiplicative constant. By defining anintermediate signal, b is determined by minimizing the mean squarederror:

E{(b*x[n]−s[n])̂2}

where E{ } denotes statistical expectation. An LMS rule for determiningthe unknown coefficient b is given by the recursion

b[n+1]=b[n]−c*(b[n]*x[n]−s[n])

where c is a parameter that determines the rate of convergence (0<c<2),and the subtraction is used to implement the negative of the gradient(with respect to the parameter b) of the instantaneous costC(b*x[n]−s[n]), as defined above. The frequency f0 can be estimated fromb[n] by inverting the formula b[n]=cos(2*pi*f0[n]), most preferably insteady state (after convergence), and under the condition that−1<=b[n]<=1.

So, if the coefficent of x[n] is not known, an initial guess can be madeand subsequently, the coefficient can be adaptively changedproportionally to the error as in any LMS algorithm. Here, the frequencyadaptation bits are used. Referring briefly to FIG. 5(B), the 3 bits of(f1+f0)/2, the 3 bits of f1, and the 3 bits of f0 are used. For thefirst 3 adaptation bits, the average of f1 and f0 is used to minimizethe risk that the correct frequency correction will be made. If only f1or f0 is used, either f1 or f0 may flip over to the other side on thefrequency spectrum during downsampling. When this happens, the receiversoftware will make a wrong correction of the frequency. By taking theaverage, the chance that the frequency will flip over is minimized andhence, the wrong correction will not be made.

After the frequency is adaptively selected in block 122, block 123attempts to decode the first byte. If the decoding is bad, the receiversoftware returns to the A/D converter stage and starts over.

At block 124, the receiver software decodes the data to determinewhether the received signal is a logic “1” or logic “0.” Finally, block125 checks for any errors using the checksum byte.

3.6 Card Mechanical Construction

With respect to the mechanical construction of the electronic card, theelectronic card complies with the credit card set of standards—ISO 7810,7811-1 to 7811-6, 7813, 7816-1, and 7816-2. Some minor deviations fromthe standard are inevitable such as the location of the external switchand of course, the additional functionality provided by the cardelectronics. In other embodiments, no attempt is made to make theelectronic card comply with the credit card standards. However, in thediscussions below, the credit card standard-complying electronic cardwill be described.

The components in the card are miniaturized and placed on selectlocations in the card to optimize the use of such limited space. Anexternal button is provided on the electronic card itself so that whenit is pressed by the user, the electronic card encrypts the digital IDand transmits the encrypted digital ID via ultrasonic acoustic waves.The card also includes acoustic transduction elements, such as amicrophone and a speaker, which serve as the acoustic antennae.

In a preferred embodiment of the invention, the card is thin (0.8 mm isa standard plastic card thickness), so the microphone should also bevery thin. The acoustic receiver can be any microphone, such as aregular capsule microphone or an ultrasonic type microphone, which ispossibly specific for a particular frequency or frequency range used. Insome cases, special ultra-low power circuitry may be desirable. Theacoustic transmitter can preferably generate a strong atmosphere wave.It is noted however, that only a small amount of power is required forshort range transmissions.

The reception transducer is a capacitive microphone with two plates witha small air gap; that is, the distance between the two plates are smallcompared to conventional capacitive microphones. Any vibration on theplate changes the capacitance which in turn changes the current to thereception circuitry. With a DC voltage applied across the plates, theresulting changing current signal is filtered, amplified, and thenanalyzed since the modulation of this signal is directly proportional tothe information contained therein. The transmit transducer is a thinstainless steel/brass plate on a PCB with a piezo-ceramic material ontop of it. The distance between the top surface of the piezo-ceramicmaterial and the printed PVC layer is approximately 0.8 microns(micro-meters).

The electronic card's battery is small and is guaranteed to work in 0-60degrees Celsius. Even if the electronic card is left inside a hot car,the battery will not be damaged. The battery also functions intemperatures down to −15 degrees Celsius. Up to 10,000 card activations(i.e., switch press) are possible for one embodiment of the presentinvention.

The electronic card is very robust to bending and has been designed toprovide maximum bending protection. The electrical connection betweenthe battery and the other components is soldered and subsequentlycovered with PVC, making the circuitry very resilient. Furthermore,components in the card have been placed in locations such that anybending of the card will not damage or otherwise impair thefunctionality of the electronic card.

With the current fabrication process, the electronic card can belaminated and embossed at 120 degrees for 10 minutes without damage tothe card's circuitry or internal components. In other embodiments, thecomponents, such as the transducer itself, are shielded so that hotlamination processes can be used.

The electronic card allows for conventional embossing in the areareserved for embossing cardholder information in compliance with ISO7816. High pressure embossing is also possible in the card signaturefield since the electronic card does not have circuitry in this area.

Branding is also important for electronic card sponsors. The electroniccard can be printed with any external features of the integrator'schoice, including holograms and company logos.

3.6.1 Sheets-Level Card Fabrication

With current smart card fabrication techniques, the exposed nature ofthe smart card contacts complicates the assembly/lamination/printingprocess. Usually, assembly of the smart cards involves the manufactureof a plurality of smart cards in sheets. Each sheet is typically 7×12cards (or 84 cards), although the exact dimensions of the matrix canvary depending on the type of smart card. However, for efficient andcost effective mass production, these smart cards are manufactured inlarge numbers to produce these sheets. Also, because these sheetscontain smart cards, the smart card modules are exposed, whichcomplicates the process. Also, sometime during this process of creatingsheets, the individual smart cards are programmed. At some point, thesesheets are cut into smart cards.

The current process for producing smart “bank” cards utilizes theconventional credit card fabrication more closely than that of theelectronic card of the present invention.

In fabricating smart cards, actual fully compliant “dumb” cards areproduced in a credit card manufacturing operation. This includes thestandard sheet printing/laminating/singulation processes. Once the“dumb” card is complete, it is further processed into a smart card. Thisis accomplished by machining a cavity into the body of the “dumb” creditcards and implanting a smart card module into the body of the card. Thesubsequent personalization processes, therefore, do not represent asignificant threat to the module.

During the lamination and printing stages, special machines (e.g.,DataCard, Heidelberg) are needed to print the appropriate information(logos, numbers) around the exposed smart card modules. Heidlebergprinting presses are used for the offset printing of the sheets, whereasthe DataCard machines are for the personalization of individual cards,which can include thermal or dye sublimation printing. Without thesespecial machines, the printing/lamination stage could potentially damagethe exposed smart card modules and render the smart card useless. Also,special machines would also be needed to read and program the chips inthe smart card. If additional personalization is needed (i.e., username, user signature, user photo), these special machines would beneeded again to print around the exposed modules as well as read andprogram the chips therein. Thus, the exposed modules in these smartcards complicate and otherwise makes costly the card fabrication processafter the cards have been laid in sheets.

One embodiment of the present invention significantly improves thisprocedure. Not only do the electronic cards of the present inventioncontain “smarts,” but these electronic cards do not expose the contactsor modules fabricated therein. The manufacturer programs these cardswith the appropriate codes and IDs that are described throughout thispatent specification. These cards are also laid out in sheets, where atsome point, they are cut to produce the credit card-sized electroniccards. During the printing/lamination stage, standard credit cardprinting/lamination machines that are used on conventional UnitedStates-based “dumb” credit cards are utilized. No special machines areneeded to print and laminate around the exposed smart card modules sincethe electronic cards of the present invention have no exposed modules.Also, since the electronic cards of the present invention have alreadybeen programmed, no additional machines are needed to read and programthese cards. These cards are delivered directly to the user of theaccount.

To activate and personalize the card, the user would normally log intothe card sponsor's website and press the button on the card. The websitewould process the data transmission and affiliate the card ID with theuser's account. This is analogous to the user calling an 800 number toactivate the card. In fact, the card can emit a signal usable overordinary phone lines or cellular phones and thus, the cardholder's firstactivation of a card over that 800 number could also result inaffiliating the card ID with the cardholder's account. Thus, the issuerneed not worry about programming the electronic card since theaffiliation of the electronic card with the user's account would occurat the backend after the user has activated the card by pressing thecard button. The personalization of the card occurs upon the “first use”of the card in accordance with one embodiment of the present invention.In contrast, conventional technologies require some form ofcard-accepting device to be available and operational at the time ofcard registration or activation in order for personalization to occur.

Furthermore, according to the credit card standards, if smart cardmodules are exposed, the smart card must comply with the credit cardstandards organization's approved payment system. This involvesadditional components in the cards and additional programming to complywith the payment standard. By not exposing the modules in the electroniccards of the present invention, the manufacturer of these electroniccards need not comply with this payment system standard. This allows themanufacturer to save on the cost of supplying, assembling, andprogramming the chips with the payment system standard-complying logic.

By preprogramming the electronic cards and not exposing any of themodules, the fabrication of these electronic cards provides efficiencyimprovements in fabrication (via the use of standard printing/laminationmachines and no additional programming), cost (no additional logicneeded to comply with payment system standard; no special machinesneeded to print/laminate around the exposed modules), and standardscompliance (no separate payment system standard compliance issues). Inessence, fabricating the electronic card of the present inventionprovides all the benefits of fabricating a standard credit card, inaddition to the benefits described above.

3.6.2 Component Layout

The component layout in the electronic card will now be discussed.Referring to FIG. 25(A), the substrate portion of the electronic card isshown. Here, the basic components and their placement in the substrateof the electronic card are illustrated. For the sake of clarity, traceconductors/interconnects are not shown; however, one ordinarily skilledin the art can determine the location and paths of trace lines based onthe circuit diagrams described above.

Here, substrate 257 is shown superimposed on the outline of the finalcredit card form factor card 250. From this orientation, the magneticstripe portion of a typical credit card is provided in region 258. Onone side of the electronic card in this region is the magnetic stripeitself. On the other side of the electronic card in this region is theembossing area where credit card issuers normally place the name, socialsecurity number, expiration date, and other embossed information. On thesame side is the logo of the credit card, and in some cases, the photoof the cardholder.

In this region 258, several components are also provided—switch 256 andtransducers 254 and 255. The switch enables the electronics in the cardto first transmit data in the electronic card and then followed by ashort receive period. In other embodiments, of course, the single switchpermits multiple modes where, for example, a single press indicatestransmission and a double press indicates reception. In still otherembodiments, multiple switches are provided on a single electronic card.Typically, the switch is a dome switch constructed of stainless steelmaterial. A thin PVC layer also covers the switch. The switch isnormally provided on the side opposite the printed PVC layer where theactual magnetic stripe is placed.

In this embodiment, two transducers are provided—one for transmit (e.g.,speaker for acoustic signals) and the other for receive (e.g.,microphone for acoustic signals). In other embodiments, only onetransducer is used for both transmit and receive. Essentially, thetransducer is piezo-ceramic disc on top of a small brass/steel plate.The entire structure is enclosed in a reverberation chamber. Moredetails of this construction are provided below.

Outside of this magnetic stripe region 258, the battery 251, the chipand surface mount technology components 252, and electronic cardconnectors 253 are provided. In one embodiment, the battery is a VartaLPF-25. For smaller capacity, the battery is a Varta LPF-7. The chip andSMT components include the digital core (microprocessor and supportingcircuits) as well as the analog front end.

Another embodiment of the component layout is shown in FIG. 25(B). Onceagain, the substrate 257 is shown superimposed on the outline of theelectronic card 250. In this embodiment, two batteries 251 a and 251 bare provided. Part of the first battery 251 a along with the chip/SMT252 and the switch 256 are in the magnetic stripe region 258 a. Outsideof this region, the electronic card connectors 253, transducer 259(which can provide both transmit and receive functions) and secondbattery 251 b are provided.

In another embodiment, region 258 b is the magnetic stripe area, insteadof region 258 a. In this embodiment, transducer 259 and part of thesecond battery 251 b are placed in this region without affecting themagnetic stripe. Other components are outside this region 258 b.

FIG. 25(C) shows a third embodiment of the component layout. In thisembodiment, the switch 256 is the only component in the magnetic striperegion 258 a. All other components including the two transducers 254,255, the electronic card connectors 253, the digital core circuitry 252a, the analog front end circuitry 252 b, and the battery 251 are placedoutside this region 258 a. Note that in this embodiment, the electroniccard connectors 253 are placed below transducer 254. The magnetic striperegion 258 a can also be used for embossing purposes.

In another embodiment, region 258 b is used for the magnetic stripe. Inthis case, region 258 a would be used for embossing.

As these three embodiments in FIGS. 25(A), 25(B), and 25(C) illustrate,the placement of the components in the electronic card is an importantdesign criteria. Generally, the embossing area, which is also typicallynot the same area as the magnetic stripe region 258, should have aslittle components as possible. This allows embossing to be accomplishedwith relative ease while minimizing the concerns that credit cardmanufacturers may have on whether the embossing process might harm anelectronic component. However, as components get smaller and smaller,the placement of some components (in whole or in part) should not affectthe durability and reliability of the electronic card.

3.6.3 Card Layers

The fabrication of the electronic card will now be discussed. FIG. 26shows the various layers that make up the electronic card. At the heartof these layers is the substrate layer 260. This substrate layerincludes a chip/SMT cavity 260 a, battery cavity 260 b, transducercavity 260 c, and switch cavity 260 d, where the chip/SMT component 252,battery 251, transducer 254, and switch 256 are placed in thesecavities, respectively. Some insulation material is used to cover thebattery 251. Also, in some embodiments, the electronic card connectors(not shown in FIG. 26) are covered with PVC and other insulationmaterial after the microprocessor in the electronic card has beenprogrammed and debugged. In the portion of the substrate where siliconcomponents are provided, some epoxy material is used to cover this areato prevent moisture from forming and to prevent this area fromphysically bending.

Surrounding the substrate layer 260 is the substrate “cap” layer 263 andthe cavity layer 264. The substrate “cap” layer 263 is basically a verythin PCB where the underside (in the direction facing the substrate 260)has copper interconnects with special coating. The cavity layer 264 is aPVC material that is provided around the substrate 260 to artificiallyproduce a fixed and constant height for the substrate 260 and itscomponents. Obviously, without the cavity layer 264, the placement ofthe various components in the substrate layer 260 results in differentheights for the different regions of the substrate. This entire sectionwhich includes the substrate “cap” layer 263, the substrate layer 260(with the components), and the cavity layer 264 are all filled with amaterial to fill in gaps to eventually even out the height of the entiresection.

Above the substrate “cap” layer 263 is the printed PVC layer 262. Themagnetic stripe is fabricated on this layer. Analogously, the otherprinted PVC layer 265 is provided below the cavity layer 264. Thevarious images (e.g., credit card logo, bank logo), photos, and otherinformation associated with credit cards are provided on this layer.Conversely, the magnetic stripe can be placed on printed PVC layer 265and the other images and photos can be placed on PVC layer 262. A clearPVC outer layer 261, 266 are provided on the outer surface of each sideof the electronic card.

3.6.4 Transducer Construction

The mechanical construction of the transducer will now be described withrespect to FIGS. 27(A) to 27(C). FIG. 27(A) shows a cross-section of acircular transducer, like transducer 254 of FIG. 25(A), in accordancewith one embodiment of the present invention. On the PCB 275, which isapproximately 0.1 um (microns) in height of plastic, a brass/stainlesssteel plate 274 is provided. The brass/stainless steel plate 274 isapproximately 0.1 um to 0.15 um in height. On top of the brass/stainlesssteel plate 274 is a small piezo-ceramic disc or element 273, which isapproximately 0.15 um in height.

To provide some room for the vibration or movement of the piezo-ceramicelement 273 to generate the acoustics, some space is provided around thepiezo-ceramic element 273. Spaced apart from the piezo-ceramic elementis the printed PVC layer 270. The distance from the top of thepiezo-ceramic element 273 to the bottom of the printed PVC layer 270 isapproximately 0.8 um. A wall 272 surrounds the piezo-ceramic element 273and the brass/stainless steel plate 274 to create some enclosed chamber271. The spacing of piezo-ceramic element 273 from the printed PVC layer270 and the creation of a chamber 271 with the wall 272 also result insome form of a reverberation chamber for the acoustics. The acousticsignal is generally directed toward the PCB 275 (downward direction onFIG. 27(A)).

The resonant frequency of the acoustic signals generated by thistransducer depends on the selection of the various parameters of thecomponents in the transducer. The main parameters include the thicknessof the piezo-ceramic element 273, and the thickness, stiffness, type ofmaterial, shape, and diameter of the brass/stainless steel plate 274.

FIG. 27(B) shows an alternative embodiment of the transducerconstruction. In this embodiment, the brass/stainless steel plate is notused. Instead, the piezo-ceramic element 273 rests on and uses the PCBlayer 275 as a substitute plate. Additionally a portion of the printedPVC layer 270 protrudes into the chamber 271 so that the distancebetween the top of the piezo-ceramic element 273 and the bottom of theprotruded printed PVC layer 270 remains at 0.8 um. In a variation ofthis embodiment, the piezo-ceramic element 273 can be made thicker sothat the protruding portion of the printed PVC layer 270 would not benecessary. The additional thickness of the piezo-ceramic element 273would be approximately 0.15 um (or the thickness of the brass/stainlesssteel plate had such a plate been used). Thus, the distance between thetop of the piezo-ceramic element 273 and the bottom of the unprotrudingprinted PVC layer 270 is 0.8 um.

The embodiments of FIGS. 27(A) and 27(B) show transducers which arefabricated as the entire electronic card is fabricated. In contrast,FIG. 27(C) shows a third embodiment of the transducer construction wherethe transducer is modular and not fabricated with the card. In thisembodiment, the wall 276 also includes a cover portion 276 a. The coverportion 276 a and the wall 276 form the chamber or cavity 271. In oneembodiment, the cover portion 276 a and the wall 276 are made of eithersteel or plastic. In this configuration, the piezo-ceramic element 273need not rely on the printed PVC layer to form the chamber. When thismodular transducer is used in the fabrication process of the electroniccard, other fabrication technology can be used. For example, the morewidely available technique of hot lamination can be used in some of thefabrication steps. Without the modular transducer of FIG. 27(C), somecomponents in the transducer cannot be heated too high without componentfailure.

4.0 Base Station

In one embodiment, the base station is a station that is part of aland-based infrastructure. Although it is usually part of some network,this is not a mandatory requirement. Thus, a personal computer, whetheror not it is connected to a local area network or has access to theInternet, is a base station. Other exemplary base stations includetelevisions, radios, telephones, automated teller machines, card readerat the store checkout line, and the like. In one embodiment, the basestation transmission software is similar to that of the electronic card.

In another embodiment, the base station is not necessarily part of theland-based infrastructure; rather, the base station can be portable.Thus, cellular phones, personal digital assistants (PDAs), portableradios, portable televisions, and the like can be base stations. Likethe land-based base station, the electronic card in accordance with oneembodiment of the present invention can communicate with the portablebase station.

In either case, the frequencies for the acoustic signal are carefullyselected to enable the electronic card to communicate with the basestation. For example, if the base station is a personal computer with asound system, the acoustic signals can be in the ultrasound range. Ifthe base station is a telephone connected to the public telephoneinfrastructure, then the acoustic signals should be in the audible rangeso that they can pass through the filters effectively. Note that asingle card can be equipped to emit either audible or ultrasonictransmissions as desired to send to a telephone, a computer, or otherdigital devices as needed. In another embodiment, the audiblefrequencies selected conform to the standard DTMF scheme.

4.1 Client Computer System

Referring briefly to FIG. 1, in the client computer system 14, a specialclient remote access software in accordance with one embodiment of thepresent invention is installed and running. In addition, a standardmicrophone, speaker(s), and a web browser are utilized. Of course, a webbrowser is not absolutely essential so long as the computer systemallows the user to access the Internet. This can be accomplished with apiece of communications software. At the web merchant or web portalside, a server is provided to handle the user's redemption needs. Thus,having downloaded the coupon from a TV 12 or radio 11, the user can takehis card to his computer 14, access the Internet 16, and redeem hiscoupon at the sponsoring web merchant's or web portal's website.

Referring now to FIG. 11, the client computer system will now bedescribed. The client computer system includes a web browser (e.g.,Microsoft Internet Explorer, Netscape Navigator) 115, a special clientremote access software 114, at least one speaker 111, a microphone 112,and drivers 113 for the sound device(s) (e.g., speaker/microphone). Thesound card and corresponding sound card software normally interfaceswith the speaker and microphone. Most computers currently on saleinclude a sound system, usually a “Sound Blaster” sound card, connectedto at least one microphone and at least one speaker.

Note that the sound devices that are necessary depend on the particularapplication of the electronic card. If the electronic card is one-waytransmission only, only the microphone is needed in the computer system.If the electronic card is two-way, both the speaker and the microphonewould be needed. If the electronic card is one-way receive only, thenthe speaker would be needed in the computer system.

In a preferred embodiment of the invention, client computer system 110and electronic card 10 communicate using these standard computercomponents of client computer system 110, which are usually for humancommunication, not for computer communication. Some computers areprovided with other types of sound systems, which also support theapplication of preferred embodiments of the invention, possibly with avariation in frequencies to account for different circuit or samplingcharacteristics. Typically, this sound system is designed for generatingmusic and other audible sounds. In addition, many computers include aninternal speaker and a modem speaker. Some computers use USB speakerswhich are connected directly to the USB (Universal Serial Bus).

In one preferred embodiment of the invention, a standard sound card,such as the popular “Sound-Blaster” is used to generate sonic and/orultrasonic signals to (and to alternatively or additionally receive themfrom) an electronic card. The acoustic signal may be audible (in someapplications) or inaudible (more preferable), for example having mainlyultrasonic or infrasonic frequencies. Preferably, frequencies of about22 kHz and 24 kHz and 32 kHz are used, since a standard sound cardprovides these sampling rates (and/or their multiples, e.g., 44 kHz and48 kHz). Alternatively, lower frequencies, such as between 17 kHz and 21kHz may be used. In other embodiments, the standard sound card receivessound waves from the electronic card 10 (see FIG. 1) for furtherprocessing.

In some preferred embodiments of the invention, a sound card is adaptedto work in the near ultrasonic range, for example by increasing itssampling frequency. Generally, the microphone and loudspeaker used for acomputer system can support low frequency ultrasound with sufficientfidelity without adaptation. However, in some embodiments of theinvention, a special ultrasound-sensitive microphone orultrasound-effective speaker may be used. In other cases, thesensitivity of a particular microphone and/or loudspeaker may bedetermined by the user prior to or during communication with anelectronic card.

To provide for software control of the speaker 111 and the microphone112, the client computer system 110 includes drivers 113. Normally, theuser can set playback volume and recording volume on the softwarecontrol panel which are then set in hardware by the drivers.

A special client remote access software 114 is provided to interfacewith the speaker/microphone drivers 113 via communication line 116 andthe web browser 115 (or communications application) via line 117. Thespecial client remote access software 114 was written specifically forthe various embodiments of the present invention. This software 114 isinstalled in the client computer system 110 and is normally loaded atall times because the user may use his electronic card 10 at any time.Of course, if the special client remote access software 114 is notloaded, the user simply opens the application whenever he is operatingthe card.

The special client remote access software 114 performs multiple tasksthat are important to the various embodiments of the present invention.During the initial stages of the user's on-line purchase, the specialclient remote access software 114 processes the sound wavescorresponding to the digital ID that have been emitted by the electroniccard 10. After having been received by the microphone and processed bythe sound card, the sound waves are processed further. The specialclient remote access software 114 checks the encrypted digital ID soundwaves to make sure that the data is complete and corresponds to theappropriate user's electronic card 10. Thereafter, the received data isprocessed by special client remote access software 114 in different waysdepending on the application.

4.2 Installation and Initialization

As mentioned above, the special client remote access software 114 in theuser's PC is needed to communicate with the electronic card and the webbrowser. At times, the special client remote access software 114 canaccess the Internet and communicate with web servers without the webbrowser. The installation of the special client remote access software114 can be accomplished in many different ways. The installation mayoccur over the web as the software is downloaded from a web server andthen subsequently installed in the user's PC. Alternatively, thesoftware can be installed via CD-ROM or floppy disk. Furthermore, whenthe user buys a computer, the software may be bundled with the computerequipment so that installation is automatic.

In communicating with the web browser, the special client remote accesssoftware 114 uses Java applets. When the special software 114 needs tointeract with a web page, the Java applet calls the appropriate ActiveXcontrols to perform basic functions associated with that web page. Thedeployment of ActiveX by the special software 114 is routine and isknown to those ordinarily skilled in the art. In this manner, someaspects of the special client remote access software are found invarious servers that can be downloaded to the local client as they areneeded. The basic special client remote access software 114 however, isinstalled locally. Thus, as the user navigates from one webpage toanother, different functions may be supported. As the user encountersthese webpages, the user can download these different functions toextend the capabilities of his electronic card.

For example, assume that a user has encountered a shopping website. Theshopping website requires some authentication to log in. The websiteindicates that it supports the electronic card. The user then downloadsthe authentication logic from this website's server. Once downloaded,the user can then press his electronic card to authenticate himself intothe website and access his account. When he reaches the checkout line,he downloads the form fill logic from that website's server. When hepresses the button on his electronic card, the just recently downloadedform fill logic portion of the special client software recognizes theelectronic card transmission as requesting a form fill. The specialclient software then fills out the form on that webpage to assist theuser. Other functions can be supported in this manner. Thus, as the usernavigates from one webpage to another, he can encounter webpages thatsupport different electronic card functions. If desired, the user candownload those functions to extend the usefulness of the electronic cardat that website.

In other embodiments, the special client software does not need the webbrowser to communicate on the web. After all, the special clientsoftware can contain all functionality that is in the web browser inaddition to the functions needed to communicate with the electroniccard. In a further embodiment, the special client software is not neededas the web browser provides all the functions that the user will need. AJava applet downloaded via a Java VM can perform all the specializedelectronic card-related tasks, while the web browser itself allows theuser to communicate on the web.

Initialization primarily involves the sound system and its supportingequipment. Two main tasks are executed—(1) mixer settings, and (2) soundcard memory allocation. When the special client software is launched orotherwise turned on, it initially stores the default mixer settings sothat later, it can return the PC to the state before the special clientsoftware was activated. The special client software then checks andadjusts the mixer control settings so that the sound card is optimizedto interact with the electronic card.

First, the recording setting must be on. If it is off, the specialclient software turns on the recording setting. In other embodiments,the special client software asks the user to turn on the recordingsetting.

The special client software then performs several tests, with andwithout the assistance of the user. These tests involve testing thespeaker, the microphone, and the electronic card-PC communication, asdetailed below. These tests need not be performed every time, though.

The special client software also checks the microphone. If themicrophone is off, then the special client software enables themicrophone to be turned on. Alternatively, the special client softwaremay ask the user to turn on the microphone. The special client softwaremay also ask the user to test the microphone by speaking into themicrophone. Various threshold settings are stored—(1) silent mic, (2)non-receiving mic, and (3) receiving mic. Alternatively (oradditionally), the special client software may ask the user to operatethe electronic card. If the test fails, the special client software willask the user to fix the electronic card by providing various tips, suchas proper press of switch, proper distance of electronic card tomicrophone, proper orientation of the electronic card to the microphone,and the like.

Additionally, to avoid feedback problems, the special client softwareturns off the playback control. For those sound blasters with AGC, thespecial client software will turn on the AGC setting when appropriate,as well as other special settings (e.g., boost).

The special client software takes control of the volume control sliderand moves it all the way up to maximum. In some cases, however, audioclipping may be a problem due to the presence of ambient noise. If so,the special client software may move down the volume control slider andthen subsequently alert the user to retransmit the data from theelectronic card. In one embodiment, a test may be performed with asample audio file. During the initialization phase, the special clientsoftware asks the user to transmit a sample data. By pressing the TXswitch in the electronic card, a sample audio file is transmitted. Basedon the reception quality of this sample audio file, the special clientsoftware adjusts the volume control setting that allows proper recordingwhile minimizing the negative influence of ambient noise.

For the sound card memory allocation, the special client software sendsa request to the sound card driver in the PC to allocate memory. Thememory has to be substantial enough to hold the audio data. In a typicalsound card, 8 MB are available in the buffer. Usually, not all of thismemory is needed. However, in some applications, many seconds of audioneed to be recorded. As an exemplary number for the amount of memoryused, approximately 1 MB is needed to record 10 seconds of audio.

In one embodiment of the sound card, assume that the special clientsoftware needs about 1 MB of memory to record 9-10 total seconds ofaudio. The sound card driver divides the 1 MB of memory into 36 buffers,where each buffer holds approximately 250 ms of audio data. When anybuffer is filled, the sound card driver sends the audio data in thatbuffer to the special client software.

For two-way embodiments, a test with a sample .wav file is done todetermine whether the electronic card can receive data properly. Thespecial client software includes a sample audio .wav file. After thememory is allocated by the sound card, the sound card driver sends apointer to a buffer location. The special client software then sends thesample .wav file to the buffer location specified by the pointer. Thesound card then plays the .wav file through its speaker(s) while theelectronic card receives this audio sample. If the expected audio sampleis received and properly decoded in the electronic card, then theelectronic card generates an audible beep to indicate that the test wassuccessful.

Typically, these initialization settings are made upon launch of thespecial client software. When the electronic card transmits the data tothe PC, the special client software processes this data. Afterprocessing this data, one embodiment returns the PC back to theinitialization state where it waits for additional data transmissionsfrom the electronic card. Thus, the special client software is active(usually as a tray application on the desktop) and the sound card isoptimized for electronic card-to-PC communications until the applicationis closed.

In another embodiment, however, the special client software restores thedefault mixer settings. As mentioned above, the special client softwarestored the mixer control settings prior to adjusting them for theelectronic card. If the user needs to use the electronic card again, heenables the initialization routine to start over again for the mixercontrol settings and the sound card memory allocation.

4.3 Base Station Transmission Software

The primary purpose of the base station transmission software is togenerate the data stream shown in FIG. 5(B). The data portion of thedata stream can be instructions, flags, and pure data for storage (e.g.,coupons). For the most part, if sound is utilized, a conventional audiofile (e.g., .wav file) is played by a software audio player as is knownin the art.

In some cases, the data is transmitted from a computer system via thespeakers. The special client software packages the data to betransmitted, whether the data is locally available or downloadedremotely from a website, and transmits them. The transmission involvesthe playing of the audio .wav file. Thus, the packaging of the data tobe transmitted can be as simple as locating the relevant audio file inmemory and playing that audio file via the speakers.

In other cases, the data is transmitted from a TV or radio set. Today'stelevision sets and radios are fairly passive and dumb devices; that is,they merely broadcast what they have received from the conventionalTV/radio stations or the cable infrastructure. Accordingly, thetransmission software is installed in the location where the coupon datais mixed with the programming. This may be the headend or even thenetwork program source in the cable infrastructure. Once mixed, thecoupon data (whether audible or ultrasonic) and the regular TV/radioprogram travel through the normal channels to the user's TV or radioset. Thereafter, if the TV or radio set is on, it transmits the datastream of FIG. 5(B) via acoustic waves, where the coupon data is foundin the data portion of the data stream.

4.4 Base Station Reception Software

When any sound is emitted by some sound source, whether or not the soundsource is the smart card of the present invention, the microphone on thecomputer (computer 14 of FIG. 1) may pick up that sound. If the soundcomplies with the data stream format of FIG. 5(A), the special clientsoftware 114 (FIG. 11) can process it and extract the data therein. If,however, the sound is unrecognizable (or is otherwise noise) to thespecial client software 114, it ignores it. Generally, the specialclient remote access software 114 in the PC receives a signal,determines whether the signal is proper, and if so, performs digitalsignal processing on the signal and decodes it. Based on the decodedsignal, the special client software 114 can perform many functions suchas open a web browser to a specific web page, fill out a form, redeem acoupon, and otherwise automate previously manual operations.

In one embodiment, the base station is a personal computer that isconnected to the Internet. FIG. 13 shows a flow chart of one embodimentof the reception software portion of the special client software 114(FIG. 11). In FIG. 13, the process begins at step 130. At step 131, thesoftware initializes the sound device (e.g., “Sound Blaster” sound card)and optimizes the mixer settings. Here, the software allocates enoughmemory in the sound device to properly receive all the data. In oneembodiment, it allocates 1 MB of memory, which allows for approximately10 seconds of sound. It also checks to make sure the microphone is on(if it's off). The recording volume is initially set at the highestlevel. In some cases, however, if the recording volume is too high,signals will overflow the system and data may be lost. In other words,clipping may occur because of ambient noise. In this case, the softwarewill readjust the recording volume slider to suitable levels. If therecording volume is too low, weak signals may not be detected. To avoidfeedback, the playback mic control is turned off. In some sound devices,an automatic gain control (AGC) feature is provided. In this case, thesoftware turns on the AGC.

After the initialization step, the PC is in a “waiting for signal” stateat step 132. As mentioned before, in accordance with one embodiment ofthe present invention, the signal is in the form of a Frequency ShiftKeying (FSK) signal. At step 133, the software performs the detectionoperation. The detection of the FSK signal involves two distinctoperations—multi-rate processing and signal detection. In multi-rateprocessing, the signal from the A/D converter (from the sound device) ishigh pass filtered and downsampled while preserving the range offrequencies in which the received signal is assumed to occupy. Thisstage is used to restrict the attention of the detector to a narrow bandof frequencies in which the received signal may or may not be present.

The problem of detection is to determine whether a transmitted signal ispresent in a background noise environment. Assuming noise is gausian innature, one technique is to correlate the received signal with thespecific expected wave. The output of the correlator Z[n], can then becompared against a threshold to decide if signal is present. The test is

${Z\lbrack n\rbrack} = {\sum\limits_{m = 0}^{\infty}{{h_{mf}\lbrack m\rbrack}{y\left\lbrack {n - m} \right\rbrack}\begin{matrix} >^{H_{1}} \\ <_{H_{0}}\end{matrix}\eta}}$

y[n] is the received signal. h_(mf)[n] is a matched filter (usually asinusoid for FSK transmission). H1 is the alternate hypothesis (signalpresent), and H0 is the null hypothesis (no signal present). The testthreshold η is a value determined to minimize the probability of falsealarm, while maximizing the probability of detection. This maximizationis determined directly from the distribution of the test statistic Z[n].

In practice, the frequencies and amplitudes of the FSK signals are notknown a priori, with the result that a band of frequencies,corresponding to that band of frequencies defined by the range of errorfrom the transmitting card, are scanned using Discrete Fourier Transform(DFT) banks and then subjected to Generalized Likelihood Ratio Tests(GLRTs), to establish the presence or absence of a signal given. A GLRTis used since the amplitude of the transmitted signal is unknown, and sois the estimated parameter in the test. The noise thresholds for thetests are generated from a delayed window of “noise only” data, wherethe decision “noise only” was made by the detector at an earlier time,or from the start-up default condition, where the noise statistics areestimated. Subsequent to statistical testing, the received signal isfurther established as valid if it contains the proper data format (seeFIG. 5(A)) and spacing between frequencies f0 and f1.

Once the signal has been detected at step 133, step 134 decodes thesignal. The decoding procedure considers each of the two FSK channelsseparately to draw conclusions about the transmitted data. Referringbriefly to FIG. 14, the input detected signal is provided to two shortterm correlators—frequency f1 correlator 140 and frequency f0 correlator141. Again, the notion of a test statistic is used, where the teststatistics are generated by the two correlators. The hypothesis testingin this case is that between the alternate hypothesis (Signal present,power A0 in correlator 140 or A1 in correlator 141), and the nullhypothesis (No signal present, power level E0 in correlator 140 or E1for correlator 141). The testing between the two hypotheses in eachchannel can thus be understood to establish the received signal varianceas being either A1 (or A0) over E1 (or E0) in correlator 140 (or 141)given a Gaussian distribution for each hypothesis and an equalprobability that the received bit is a one or zero, that is, forcorrelator 140, the following test is used:

$\frac{p\left( {{r/\sigma_{r/H_{1}}^{2}} = {A\; 1}} \right)}{p\left( {{r/\sigma_{r/H_{0}}^{2}} = {E\; 1}} \right)}\begin{matrix} >^{H_{1}} \\ <_{H_{0}}\end{matrix}1$

This two-pronged approach for making bit decisions is necessary sincethe received FSK signal may be subject to echoes, a phenomenon thataffects each channel differently. The advantage of making two decisions,one for each channel, as opposed to a single decision, based on a teststatistic generated from testing the likelihood of one frequency(channel) over the other, is that when both channels disagree on thevalue of the received bit, one can use the ratios A1/E1 and A0/E0, as ameans for favoring the decision of one channel over the other. That is,if one channel has a stronger echo, it is less reliable. It is alsoimportant to note that the quantities A0, A1, E0, and E1 are all timevarying quantities, owing to the fact that card movement, even slightmovement, can give rise to noticeable changes in echo and signal levels.As a result, these quantities must be tracked throughout thetransmission. It should be clear that if the bit rate is Fb=1/Tb, thenthe above procedure is performed exactly once every Tb seconds, wherethe optimal timing, that is, the point at which to sample in an intervalTb, is determined during synchronization and resynchronization.

The output of correlator 140 is provided to threshold 144, where thethreshold is determined from the log-likelihood ratio test between zeromean Gaussian distributions having variances A1 or E1, under thealternate and null hypotheses, respectively. If the signal is greaterthan this threshold, then block 146 makes a decision that the signal isa logic “1” and updates A1 based on the current output power fromcorrelator 140, and using some averaging with the current value of A1.If the signal is less than this threshold, a “0” is established, and thevalue of E1 is updated based on the current output power from thecorrelator (140) and the current value of E1. Similarly, the output ofcorrelator 141 is provided to threshold 145. If the signal is greaterthan the threshold determined from the likelihood ratio test thatdecides between the alternate hypothesis (variance=A0) and the nullhypothesis (variance=E0), then block 146 makes a decision that thesignal is a logic “0” and A0 is updated based on a weighted averagebetween the current output from the E1 correlator (141) and the currentvalue of A0. If the signal is not greater than this threshold, then alogic “1” is decided and E0 is updated. The signal is then provided toblock 146 for the decision. Under most circumstances, we expect that thetwo LRTs (144 and 145) will make the same decision, agreeing that a “1”or “0” was received for a given symbol interval. In cases where the twodisagree, then if this is due to echoes, we can establish the bestdecision based on that channel having less echoing, which is determinedfrom the ratio E0/A0 or E1/A1. This final level of decision making isperformed at step 146.

To summarize the decoding operation, each of the two channels isprocessed separately, with a threshold being both tested against andupdated from the current observation. In the case where both channelsmake the same decision, a secondary test is provided which takes intoaccount the signals when the channels are inactive.

Returning to FIG. 13, the decoded data is then stored and processedbased on the application at step 135. The application may be simple formfilling on a web page after the user purchases some merchandise. Theapplication may be the automatic launching of the user's web browser andnavigation to a particular home page. Also, the application may be thedelivery of the data to a web site for processing at the server, such aswhen coupons are redeemed. The process ends at step 136. Normally, thespecial client software is always turned on in the background (i.e.,application could be placed in the Windows “tray”).

The detection operation will now be discussed in greater detail. One ofthe keys to implementing a recursive DFT rests on preserving theproperty of orthogonality between the frequencies in the DFT andignoring the choice of phase, which itself is arbitrary. Phase is onlysignificant in a relative sense; that is, phase exists between thefrequency components in the received signal. If desired, this phase canbe discerned in a recursive DFT scheme with a few additional operations.Accordingly, this allows for the extensions of this scheme to PhaseShift Keying (PSK) and Quarternary Phase Shift Keying (QPSK), as well asthe generalizations of these procedures.

Referring now to FIG. 15, a portion of the digital signal processingscheme is shown. Several DFT banks 150 are provided to perform the DFToperation on the received signal y(t). The DFT banks are necessarybecause of the inherent inaccuracy (i.e., due to small clock error) ofthe smart card in generating the FSK signals. If one knew the FSKfrequencies (e.g., f0 and f1), then the entire detection process wouldbe one of correlating along f1 and f0 and searching for a particularpattern or bit stream on which to synchronize using some type ofstatistical test as a criterion for acceptance. Because of the lack of aprecise knowledge of the transmitted frequencies, the data format of thesmart card includes a preamble. Referring briefly to FIG. 5(A), thepreamble includes the two frequencies f0 and f1, where these twotransmission intervals are sufficiently long to estimate each of the twoFSK frequencies precisely. The known bit pattern is then used forsynchronization. The reception software in the computer identifies thecorrectness of the received frequencies by their spacing (f1-f0),durations, and energy relative to the ambient noise level.

Since the smart card's clock error is consistent, identifying onevariable leads to the simple calculation of the other variables; thatis, the variables f1, f0, and T (symbol duration) have one degree offreedom which is the specific clock error in the smart card. Thus,assuming that the duration of each frequency is sufficiently long, andthat the energy over the given interval exceeds the threshold specifiedby the GLRT, then the symbol interval T can be recovered from the F1 andF0 intervals, as depicted in FIG. 5(A). With the symbol interval inhand, synchronization can be performed by using the delay line 152 inFIG. 15 along each of the corresponding frequencies f1, f0, according totheir respective indices in the DFT bank 150, and with the aid of theknown bit stream FIG. 5(A).

After the highpass filtering and downsampling, the frequencies ofinterest are located in the narrow band of 0-2 kHz. The bit rate for thesignal in this system is 200 bps in one embodiment, which is a symbolperiod of 5 msec long (T_(symbol)= 1/200 bps). The downsampled rate isapproximately 5 kHz (4.9=44.1 kHz/9, where 44.1 kHz represents thesampling rate of the sound card in the PC and 9 represents thedownsampling factor). At this downsampled rate, approximately 25 samplesare taken in one period (5 msec) of the received signal.

For practical purposes, the 0-2 kHz narrow band is divided into 13(which is approximately 25/2) bands to assist the software indetermining the actual frequency of the received signal. Accordingly,the DFT banks 150 include 13 separate banks, where each bank is focusedon one of these narrow bands. In effect, each bank or bank channeldetermines how much of the received signal is directed along thefrequency the bank channel is associated with; that is, how much thegiven bank channel frequency (e.g., w₀) contributes to the receivedsignal.

Because the bit rate for the system is 200 bps in one embodiment, theDFT window in the DFT banks is 5 msec long (T_(symbol)= 1/200 bps).Referring briefly to FIG. 16, the DFT window 167 is 5 msec long. Withinthe DFT window 167 are several sampled points, such as samples 160, 161,162, 163, and 164, although in FIG. 16, each DFT window is notassociated with 25 sampled points for the sake of clarity in theillustration. The 25 points in DFT window 168 are used to generate the13 DFT coefficients for the particular embodiment as specified by the44.1 kHz sampling rate, 200 bit per second transmission, anddownsampling factor of 9. Since the signal being analyzed is real, thespectrum has conjugate symmetry, and it is therefore sufficient toanalyze only half of the signal's total bandwidth. Having the DFT inwindow 167, we can proceed to compute the DFT in window 168 recursivelyin the following manner.

Fundamentally, recursively computing the DFT comprises the movingcorrelation between a given complex exponential e^(jkω) ⁰ ^(n) with thereceived signal x[n]. This quantity is denoted by â_(k)[n] such that:

${{\hat{a}}_{k}(n)} = \frac{\sum\limits_{m = {n - N + 1}}^{n}{^{j\; k\; \omega_{0}m}{x\lbrack m\rbrack}}}{N}$

Defining the intermediate variable {circumflex over (x)}[n] such that{circumflex over (x)}[n]=e^(jkω) ⁰ ^(n)x[n], the quantity â_(k)[n] is amoving average of the quantity {circumflex over (x)}[n], and hence canbe written in the form:

${{\hat{a}}_{k}\left( {n + 1} \right)} = {{{\hat{a}}_{k}(n)} = \frac{{\hat{x}\left\lbrack {n + 1} \right\rbrack} - {\hat{x}\left\lbrack {n - N + 1} \right\rbrack}}{N}}$

Note the change in lower bound from N to N+1, as in the lower bound onthe sum defining ak[n], which is termed the sliding DFT coefficient.Note that the difference

${{\hat{x}\left\lbrack {n + 1} \right\rbrack} - {\hat{x}\left\lbrack {n - N + 1} \right\rbrack} - {{x\left\lbrack {n + 1} \right\rbrack}^{j\; \frac{2\pi \; {k{({n + 1})}}}{N}}} - {{x\left\lbrack {n + 1 - N} \right\rbrack}^{j\; \frac{2\pi \; {k{({n + 1 - N})}}}{N}}}} = {\left( {{x\left\lbrack {n + 1} \right\rbrack} - {x\left\lbrack {n + 1 - N} \right\rbrack}} \right)^{j\; \frac{2\pi \; {k{({n + 1})}}}{N}}}$

so that the DFT coefficient a_(k)[n+1] is simply updated from a_(k)[n]by generating the difference between the newest and oldest samples, andadding to the real part of a_(k)[n] this difference times the cosine of2πk/N. Similarly, the imaginary part of a_(k)[n] is updated by addingthe product between the difference (x[n+1]−x[n+1−N]), scaled by thereciprocal of the window length N, and the sine of 2πk/N.

With this recursive formulation, the kth DFT coefficient a_(k)[168] forDFT window 168 can be computed from the kth DFT coefficient a_(k)[167]from DFT window 167 by determining the difference between sample 165 andsample 160, and updating the real part of a_(k)[167] with thisdifference times the cosine of 2πk*168/N, and similarly updating theimaginary part of a_(k)[167] by multiplying the difference betweensample 165 and sample 160 with the sine of 2πk*168/N.

Another recursive form for DFT is given by expressing the DFT window asthe impulse response

${h_{k}\lbrack n\rbrack} = {\sum\limits_{m = 0}^{N - 1}{^{j\; 2\; \pi \; \frac{k{({N - 1 - m})}}{N}}{\delta \left( {n - m} \right)}}}$

This representation has z-transform

$\begin{matrix}{{H(z)} = {\sum\limits_{m = 0}^{N - 1}{^{j\; 2\pi \; \frac{k{({N - 1 - m})}}{N}}z^{- m}}}} \\{= {^{{- j}\; 2\pi \; \frac{k}{N}}\frac{1 - z^{- N}}{1 - ^{{{- j}\; 2\pi \; \frac{k}{N}z} - 1}}}}\end{matrix}$

which yields the recursion formula

a _(k) [n]=e ^(−j2πk/N)(a _(k) [n−1]+x[n]−x[n−N])

Note that this recursion formula requires twice as many operations asthe first recursion.

Returning to FIG. 15, the output of the DFT banks 150 is a block 151that calculates the magnitude of the received signals for each channel.These values are then provided to delay lines 152, which is slightlylonger than the data stream by a factor of 3/2. The delay lines storethe values output from the magnitude block 151.

Concurrently, an additional delay line 153 is provided. This delay linetakes in input y(t) to make a calculation of the noise variance. Thenoise variance is actually calculated in the Auto-Regressive block 154.The delay through 153 of FIG. 15 is sufficiently long so that thevariance estimated at the output of 153 in the AR block 154 is from aperiod of time considerably earlier than the data in the correlator bank150 of FIG. 15 and the delay lines 152 of FIG. 15. This means that sincethe detector is currently searching for a signal, that earlier periodwhose power is evaluated in 154 of FIG. 15 must be a period deemed‘noise only.’ Hence, the statistics so computed are enough to specifythe threshold of the Neyman-Pearson test on Z[n], described earlier.

The bank channels having maximum energy are then found in the delay line152, according to the F1-F0 format described in FIG. 5(A). Since thesequence F1-F0 is transmitted first, these signal are the oldest in thedelay lines, or the furthest back in 152 in the direction of the arrows.These selected bank channels are then compared to the calculated noisethreshold to decide whether they are signal or noise, and also to eachother to make sure that the proper frequency separation is present. Oncethese tests are passed, the detector has now determined the two bankchannels that correspond to f0 and f1, or certainly close enough fordecoding purposes.

Once the f0 and f1 frequencies have been determined with the f0 and f1signals, the detector can now focus on synchronization. For thesynchronization bits, the detector is programmed to know the particularpattern. If the pattern is 01010101, then the detector starts at acolumn in the delay lines 152 of FIG. 15 (where the frequency indexdenotes a row in the delay line 152) that corresponds to the pointimmediately after the location of the frequency identificationintervals, F0 and F1, and alternately sums the values from the twoselected banks, corresponding to f0 and f1, in step sizes of T,corresponding to the estimated symbol interval as estimated from F0 andF1. For example, the detector starts with the first bit, “0”, which isthe first symbol received, and so is the oldest on the delay line. Thedetector takes the value from the selected bank channel assumed tocorrespond to f0. The detector then proceeds to the next bit, “1”, withlocation offset from the point previously taken from f0 by T samples andin the direction of the most recent sample, or towards the DFT bank, andadds this value from the f1 bank to the previous value. The detectorcontinues with this 01010101 pattern until it has summed, for each valuein the bit stream, the corresponding channel magnitude, with each suchelement separated from the previous by symbol interval T. Since this sumis a function of the offset from zero time, where zero time denotes thepoint where the energy in the first synchronization bit exceeds that inthe last frequency identification bit, as in FIG. 5(A), we construct acost function C[m], where m denotes the offset in samples from the zerotime, and we define this first sum as C[0]. We write

${C\lbrack n\rbrack} = {{\sum\limits_{m = 0}^{M}{{b\lbrack m\rbrack}f\; {1\left\lbrack {D - n - {mT}} \right\rbrack}}} + {\left( {1 - {b\lbrack m\rbrack}} \right)*f\; {0\left\lbrack {D - n - {mT}} \right\rbrack}}}$

where b[n] is the known preamble sequence, D is the offset from theoutput of the Magnitude device 151 to the zero time in 152, f1 is thedelay line associated with frequency f1, and similarly for f0. Note thatthe sum moves from the oldest recordings of the 151 ouput towards thenewest, in agreement with our understanding that the first bittransmitted will be the oldest recorded.

The detector now evaluates the sum C[1], which determines the sum of thedelayed f0 and f1 correlator outputs offset by 1 sample from theprevious sum, with the offset in the direction of the most recentsample, or in the direction of the DFT banks (opposite the direction ofthe arrows in FIG. 15). As before, the cost function C[1] is generatedby alternately summing the magnitudes stored in the delay lines 152 ofFIG. 15, spaced apart by T samples, with the choice of frequency indexf0 or f1 in the delay line 152 given by the corresponding value of thebit in the known bit sequence “0101010101”. The detector now evaluatesC[2], C[3], etc. until it has evaluated at least T points, which issufficiently long to determine a synchronization point. When all theelements of C[m] are then compared to each other, one of the points isthe maximum; that is, when these sums are plotted, the plot forms anupside down V pattern. The sum corresponding to the peak of this upsidedown V pattern is the synchronization point. From this synchronizationpoint, one can in turn evaluate A0, A1, E0, and E1, which are the powersin each channel for one or the other of the two frequencies transmitted.Knowing the synchronization point on the received synchronizationpattern, these quantities are directly calculated by taking advantage ofthe known (synchronization) data sequence.

The final issue to address is resynchronization, which bears sharpresemblance to synchronization. Based on the timing synchronizationpoint K established from the maximum of C[m], the decoder will sampleevery T samples at points K+nT until the decoder reaches the ‘stop’ bitframing a given received byte. Since the “start” and “stop” bits areknown, these bits are used to resynchronize much in the same way as theknown synchronization sequence assisted in establishing thesynchronization point K. In this case, however, rather than having manybits, there are only two, but conceptually the process is the same. Acost function is constructed from a point corresponding to the middle ofthe coming “start” bit. In this way, knowing that we are probably notoff by much in terms of synchronization loss, we can sum the magnitudeof the delayed “stop” bit with the current “start” bit, generate a costfunction C′[m], and use the maximum as the new synchronization point K′.In some applications, an AGC can be introduced to the DECODING stage ata point prior to the f0 and f1 correlators to ensure that theresynchronization cost C′[m] always has the correct maximum bycorrecting the received signal in the presence of fading or weaksignals.

In another realization, one can replace the auto-regressive noise powerestimator 154 of FIG. 15 with a bank of autoregressive (AR) estimatorswhich separately track the power in each of the frequencies analyzed bythe bank 150 of FIG. 15. In this case, the delay line 153 of FIG. 15 canbe removed, and the input to the bank of AR power estimators can beplaced at the end of 152 of FIG. 15, after the delay line length of 152is extended from L to accommodate the time required for the preambleduration and the time for the AR buffers in the new frequency-powerestimation unit to fill with noise.

Interference Suppression:

The utility of estimating the noise power as a function of frequency,which is called the periodogram estimate, is particularly useful in thecase where the background noise environment is colored. Classically,detection in the presence of colored noise amounts to preceding thedetection mechanism with a prewhitening filter. When detectingfrequencies, however, a whitening filter would translate to an increasedthreshold for those frequencies where the noise power is higher, and areduced threshold at those frequencies with little noise power. This isin fact exactly how the spectrogram is used—thresholds are set at afrequency by frequency basis, where out of band interference can then beignored. The cumulative effect of the periodogram estimate is thensimply to replace the previous estimate of the threshold, for a givenfrequency, with the corresponding periodogram noise estimate for thatfrequency.

The advantages of this digital signal processing scheme are primarilythreefold:

-   (1) The received signal may have a low signal-to-noise ratio since    the DFT bank used for detection is essentially a bank of narrowband    filters, improving the SNR per channel as compared with simple    energy tests on the received signal. This is particularly important    since the acoustic signals that are detected have very low    amplitudes.-   (2) The detector is practical to implement because of the    application of the moving average concept to the DFT banks.-   (3) The accuracy of the detector is close to optimal. The detector    is a true matched filter.

In another embodiment, n-ary phase shift keying (nPSK) technique is usedto decode the signals instead of FSK. In this scheme, the delay lines orchannels at the output of the DFT bank, select one of the channels basedon magnitude. Having selected the best bank, estimate the phase shift byprocessing the I-phase component and the Q-phase component of this bank.The offset determines whether the transmitted data is a “1” or “0”.

4.5 Concurrent Operation of Multiple Recording Software

In some computer systems, the operating system does not allow more thanone recording software to operate at any given time. One such group ofoperating systems is Windows 95/98/NT/2000. If Windows allocatesresources in the sound card for a particular commercial recordingsoftware, the special client software 114 (in FIG. 11) in accordance ofthe present invention may not work properly. After all, the electroniccard and the special client software need the sound card in the PC tocapture the audio signals for electronic card-to-PC transmissions and togenerate the audio signals for PC-to-electronic card transmissions.

Assuming that the commercial recording software was installed first,Windows dedicates resources for that software in the sound card. Anyother recording software that is installed later may not be recognizedby Windows. Of course, if the special client software 114 (in FIG. 11)in accordance with the present invention is installed first, then theelectronic card-special client software will work properly. Thelater-installed commercial recording software may have some problemsworking properly.

Of course, the user could manually unlink the commercial recordingsoftware from Windows to make the special client software work properly,but this is a cumbersome and annoying task. Furthermore, if some bug inthe first-installed commercial recording software is present, the soundcard in the PC would be locked and the special client software 114 (inFIG. 11) cannot function.

In accordance with one embodiment of the present invention, a specialdriver would be written and placed between the current driver and theWindows Multimedia interface. Referring to FIG. 43, several applications430, 431, 432 are installed in the computer station, which in thisexample is a PC with a Windows operating system. One of the applicationsis the special client software 114 that can communicate with theelectronic card of the present invention.

In order to access the sound card 438, these applications use theWindows Multimedia interface 433. Normally, the Windows Multimediainterface 433 communicates directly to a driver 437 to access the soundcard 438. In one embodiment of the present invention, a special driver435 is written and is placed between the Windows Multimedia interface433 and the driver 437. The API 434 of the special driver 435 is a copyof the API 436 of the driver 437. This special driver 435 is installedinstead of the current default driver 437. But the special driver 435uses the default driver 437 for normal operation. The special driver 435also changes some of the recording parameters for the special clientsoftware 114 to function properly. Note that some of the processing canbe done in the driver level, where the invention's “driver” layer willperform the processing.

In operation, when an electronic card signal is detected by the soundcard 438, the driver 437 presents the data to the special driver 435.Some byte of data in the electronic card transmission will be providedto let the special driver 435 know that this data is for the specialclient software 114 and not the other recording applications. Of course,some decoding logic would be provided in the special driver 435 todecode this byte in the electronic card transmission. Once decoded, thespecial driver 435 processes this data for the special client software114, while preventing other applications (such as application 430) fromtaking control. In effect, the special driver 435 convinces WindowsMultimedia interface 433 that the current recording channel is no longervalid. Then, the special client software 114 accesses Windows Multimediainterface 433 for its own needs. This way, the special client softwaretakes control of the sound card 438 without crashing the otherapplications in the computer system.

In another embodiment, as shown in FIG. 44, the special client software114 interfaces directly with the special driver 435 instead ofindirectly through the Windows Multimedia interface. The special clientsoftware 114 “steals” the appropriate handles that are used by anotherapplication (e.g., application 431) so that the electronic card-specialclient software communication can take place via the sound card 438. Asknown to those ordinarily skilled in the art, Windows provides handlesof Windows Multimedia interface 433 to the relevant application. Therelevant application uses the handles to have Windows Multimediainterface 433 perform various tasks.

4.6 Server-Based Processing

In the above description of the base station, special client software isresident in the client to perform such tasks as digital signalprocessing, data processing, performing some web-related action, andcommunication with selected web servers. Typically, all the necessaryfunctionality are found in the special client software. In some cases,however, the software needed to perform some functions is downloadedfrom a designated server on an as-needed basis. In other words, thespecial client software in conjunction with a particular supporting webserver determines whether a particular functionality is available in theclient. If so, then the user goes about his business to conduct anytransaction or otherwise communicate with that web server. If not, thespecial client software downloads that functionality from that webserver so that the user can employ this functionality with this webserver.

In another embodiment, the server contains all the functionalitydescribed above for the base stations to process the acoustic signalsand perform the designated action based on the data in the signals. Theclient contains only the necessary software to record sounds and deliverthose recorded sounds to any designated server. The server would thenplayback the recorded sounds and digitally process the signals toextract the data therein (if any). Thus, instead of processing thesignals and communicating the data to the web server, the client merelyrecords the sounds and delivers them to the server. The server itselfperforms the digital signal processing operation, data processingoperation, and the requisite action.

In this embodiment, the client software contains two main features: (1)recording, and (2) communications. The first feature allows the user therecord the acoustic signal that is emitted when the user presses thebutton on the electronic card. The second feature allows the recordedsignal to be delivered to a default designated web server to process thesignals for authentication. The default designated web server would becontacted if the user did not already launch his web browser or the webbrowser has accessed a web page that does not support the electroniccard and its communications protocol in accordance with the presentinvention. If, however, the web browser has already been launched andthe user has accessed a page that supports the communications protocolof the present invention, then the communications component of theclient software would interface with the web browser to deliver therecorded sound to that particular web page's web server.

Typically, when the web browser accesses a web server (i.e., web page)that supports the communications protocol of the present invention, theweb server would send a code (or embedded data in the header) along withthe html data that only the client software can interpret. It functionslike a flag. When this code is detected by the client software, therecorded audio file can be delivered to this web server. If the code isnot detected (i.e., this web page does not support the communicationsprotocol of the present invention), then client software sends therecorded audio file to the default server.

5.0 Applications

The spectrum of applications covered by the various embodiments of thepresent invention is broad. Referring to FIG. 46, at the core of thevarious applications is the electronic card 460 itself, whether inone-way or two-way form. As a receiver of information, the electroniccard 460 can receive all kinds of information from simple facts tocoupons, discount offers, promotional offers, and incentive points. Thereception of information occurs via some electronic device 461, such asa broadcast media (e.g., TV, radio) or a personal computer.

The received information can be in two forms—(1) embedded information,or (2) actual content for later pattern recognition. The embeddedinformation can be some code that complies with the communicationsprotocol of the present invention. Exemplary embedded information can beactual synthesized sounds that are generated as part of the broadcastprogram, code that was mixed in later at some point in the distributionchain of the broadcast program, and an audio file that is played on awebsite.

For the reception and processing of actual content, no communicationsprotocol need to be followed since the electronic card is recording theactual sounds (whatever they may be) that emanate from the speakers ofthe TV, radio, or computer system. Later, the user can playback hisrecording where some pattern recognition server will attempt to matchthat sound clip with one of the soundtracks stored in its database. Whena match is found, the server will identify the sound clip, provide linksassociated with the sound clip, or automatically redirect the user to arelevant website associated with that sound clip. This patternrecognition feature is particularly valuable when the user has limitedor no access to the Internet at the moment that the user hears thesound. By recording that sound at that moment, he can later get moreinformation related to that sound clip.

Based on the type of information received (and saved), the electroniccard 460 can be used to exploit this information. Thus, if theinformation received is a coupon, the electronic card 460 can be used toredeem this coupon either online on the web or at a conventionalbricks-and-mortar store.

As a source of information, the electronic card 460 allows the user toperform various acts with the mere press of a single button. The buttonpress can launch applications or functions as represented by referencenumeral 462, authenticate the user into a website or server asrepresented by reference numeral 463, or perform other acts 464 within aservice once the user has successfully accessed and been authenticatedinto a service.

For the launching action 462, the press of the button initiates suchthings as launching an application (e.g., web browser), accessing aparticular website (e.g., buying club, travel service (airline, car,hotel), online account service, online banking, and proprietary servicesuch as America Online), or accessing some service that requirestelephone dial-in. In this launching action, no authentication isnecessary since the user is merely accessing services that are publiclyavailable but in a way that is more efficient and user-friendly.

For the authentication action 463, the press of the button on theelectronic card 460 enables the user to securely log into variousservices S₁, S₂, . . . , S_(N), whether these services are accessed overthe web or via a telephone number. Thus, instead of arduously enteringID and password information, the electronic card 460 simplifies theprocess by performing the login functions for the user withoutcompromising the security concerns of these services. Exemplary servicesinclude an online trading service, a private intranet, a proprietarydatabase, a remote desktop, a remote hard drive service, a web-basedemail service, or a music collection service. The list of services,whether commercial or personal, is long and can be anything thatrequires some authentication action to allow the user to access thecontents therein. The authentication would be needed because the servicecontains personal or otherwise private information that need to besecurely protected, or the service is commercially motivated to limitaccess to paying users.

Once the user has successfully been logged into a service (accessed andauthenticated), the user can use the electronic card 460 to performother actions with the press of a button. These actions can be as simpleas filling out a purchase form at the checkout line to purchase somemerchandise at an online store. For more sophisticated operations, thepress of the button on the electronic card 460 may involve detecting thecontext of the user's current online experience and taking some actionbased on this context. Thus, this context-sensitive feature canintelligently detect what the user wants to do based on which web pagehis was viewing at the time he pressed the button. One example of thistype of action is the e-wallet 464 which simplifies the user experienceat various merchants' websites M₁, M₂, . . . , M_(N).

In another embodiment, the authentication action 463 follows immediatelyfrom the launching action 462. Thus, although FIG. 46 shows two arrowsdirectly flowing out of electronic card 460 into launch 462 andauthentication 463, this alternative embodiment would show only onearrow directly flowing out of the electronic card 460. This one arrowwould point to launch 462, which would point to the authenticationaction 463.

Importantly, these applications require no infrastructure changes.Existing sound systems in personal computers work with the electroniccard.

5.1 Broadcast Media

One embodiment of the present invention is the user of the electroniccard to download (and later redeem) coupons via broadcast media (e.g.,television, radio). For the moment, the manner in which the coupons,targeted sales offers, special discounts, sales information, and thelike are delivered to the broadcast media devices such as televisionsand radios will not be discussed. Hereinafter, the term “coupon” or“coupon data” will be used to refer to these various sales offers. Thus,the electronic card 10 can receive coupons from a radio/stereo system 11via sound waves 19 w; a television 12 via sound waves 19 x; a personalcomputer 14 via sound waves 19 y; and a conventional non-web store 13via sound waves 19 z. To receive these sound waves, the electronic card10 contains a transducer for converting the received sound waves intoelectrical signals for digital signal processing. The electronic card 10is placed near the speakers of these broadcast media devices, computerspeakers (such as speakers 14 a and 14 b), and speakers at checkoutcounters in conventional stores. Although the speakers generate theactual sound waves, the source of the sound waves (and the data therein)is located at key locations in the television/radio infrastructure(e.g., headend of a cable service), web infrastructure (e.g., web site),and the conventional store office (e.g., network server in the back roomof a department store).

Once the coupon data has been received and stored in the electronic card10, it can be redeemed in any number of ways. In one embodiment, theuser of the electronic card 10 can use a web browser (e.g., MicrosoftInternet Explorer or Netscape Navigator) in his personal computer 14 toaccess the Internet 16 via his Internet Service Provider (ISP) 15. Onceon the Internet, the user can access any web merchant's web site 17 orweb portal 18. Having located and accessed the web merchant 17 or webportal 18 that is sponsoring the coupon that he just downloaded, theuser would then go to the web page that contains the coupon redemptioninformation. Such a web page can be the home web site of the webmerchant, or it could be merely a button on the web page that sayssimply, “Click here to use your electronic card coupon.” When the userclicks on the button, the server associated with the web page would sendan audio file (e.g., .wav file) to the web browser. The web browserwould interact with the sound card in the computer 14 to play the audiofile. The electronic card would receive the sound waves generated fromthe speakers 14 a, 14 b of the computer 14, process them along with thealready stored coupon data, compare them to make sure that the propercoupon data is stored in the electronic card 10, and if the coupon datais proper, the electronic card 10 would generate a password on its LCD.The user enters the password manually on the keyboard and submits it tothe web site. Then, depending on the type of coupon that the userpreviously downloaded into his electronic card, the web site could applythe coupon to the user's purchase or award a merchandise for free. Thisis just one of the many ways in which the user could use or otherwiseredeem his coupon in his electronic card 10. This and other ways ofredemption are detailed below.

An alternative option is that the customer will not need to remember themerchant's web address. The web address will be stored as part of thecoupon data. The user would simply access a central homepage, press thebutton on his card, and the card will transmit the data (two-way card)and the browser will direct him automatically to the merchant's webpage. In fact, the web address may even direct the user to the exactproduct with the discount already in place. To save space andcommunication time, instead of full webpage addresses, the coupon willcontain a coupon ID which will be interpreted at the central homepage. Asecond option will be to use a tray application that always listens anddoes the job of the central homepage (selection of coupon andredirection). In addition, using the same pattern recognition methoddescribed below, the coupon could be a recorded part of the commercialwhich will then be associated and detected in the central web page.

If the user stored multiple coupons, the browser will ask him which oneto use and he will make his choice either via clicking or via thekeyboard/mouse. These and other embodiments will be described furtherbelow.

5.1.1 Broadcast Media Infrastructure

One embodiment of the present invention allows coupons to be downloadedfrom the television/radio infrastructure to a user's electronic card 10(see FIG. 1). The manner in which the coupon can be redeemed varies fromapplication to application. First and foremost, a brief discussion ofthe television and radio infrastructure will be provided.

Cable television systems are well known. As shown in FIG. 23, thesesystems are usually comprised of a headend 170 a with one or more trunklines 172 a-172 c extending therefrom, where each trunk line has aplurality of feeder lines 173 a-173 c extending therefrom intosubscriber areas. Each subscriber 174 a-17 is attached to a feeder linevia a line tap onto the feeder or service line.

If the distances between the headend and subscriber areas aresubstantial, intervening distribution hubs 171 a-171 c may be locatedalong the trunk lines to replenish the strength and quality of thesignal transmitted to the subscribers. Distribution hubs simply act assmall headends and exist to ensure the quality of delivered signal inlarge CATV networks. Each distribution hub may, in turn, be coupled to aplurality of service sites by feeder lines. Each service site may haveone or more service lines extending therefrom to couple a plurality ofsubscribers to the service site.

In this cable network, a transmission signal is provided by the headend170 a over the trunk lines 172 a-172 c to the distribution hubs 171a-171 c or service hubs. This amplified signal is then provided to thefeeder lines 173 a-173 c extending from the distribution hub or servicehub to provide the signal to the service sites. Taps located at eachsubscriber site bring the transmission signal into a subscriber's site.

The transmission signal from the headend 170 a may include entertainmentsignals and data signals. The entertainment signals may be received asbroadcast signals received via satellite 179 from an originatinglocation. This originating location may be another headend 170 b. Thisoriginating headend 170 b receives its signals from channel or programsources 175 a-175 c. These channel or program sources 175 a-175 c may beHBO (i.e., Time Warner), TBS, ESPN, ABC, NBC, CBS, PBS, or even the FoodNetwork. It is also possible for the channel or program sources 175a-175 c to have a direct link to headend 170 a (instead of headend 170b) if these channel or program sources are located reasonably close sothat a satellite link is not necessary.

At the headend 170 a, the policies and business strategies dictate whichof the many programs the headend 170 a receives from the headend 170 bwill be rebroadcast to the subscribers and on which channels. Eachsubscriber area may receive a different set of channels and programs asdetermined by the headend 170 a. Of course, the subscriber also controlswhich of the available channels he receives based on his subscribedservice.

Each broadcast signal is placed on its own channel within the spectrumof the trunk, feeder and service lines used in the CATV system. Thespectrum of the lines coupling the CATV system together is the range offrequencies supported by the communication conduits used for the lines.In a typical CATV system, this spectrum is divided into a transmissionportion and a return portion. The return portion of the spectrum may beused to support data transmissions, telemetry, and/or controlinformation from subscriber sites back to the headend. The datatransmissions from subscribers typically include status informationabout the subscriber's equipment which may be used by components at theheadend to ascertain the status of the cable system or subscriberequipment.

Referring now to FIG. 24, the conventional broadcast television andradio infrastructure is somewhat analogous. A user 185, among manyusers, has a TV antenna on the roof of his house. With the antenna andthe TV inside his house, the user can receive broadcast TV signals froma number of TV station transmission towers 183 a-183 c, if thesetransmission towers are reasonably close and are transmitting at asuitable power. These transmission towers 183 a-183 c are associatedwith local TV stations 181 a-181 c.

Typically, each TV station is affiliated with one of the majornetworks—NBC, CBS, ABC, PBS, Fox, or WB. By being affiliated with one ofthe networks, the local TV stations can broadcast network programmingduring prime time (usually 8 PM to 11:00 PM), late night (11:30 PM to1:30 AM), daytime (e.g., soap operas), and certain other designated timeperiods (e.g., weekend sporting events). In addition, these local TVstations can broadcast locally produced programming such as local news,local sporting events (e.g., high school or local college), and localevents (e.g., downtown Christmas parade). Finally, these local TVstations can broadcast syndicated programming at various desired timeslots. These syndicated programs can be reruns of popular TV shows(e.g., MASH, Cheers, Star Trek), currently produced game shows (e.g.,Jeopardy, Wheel of Fortune), or the lengthy infomercials, among others.

Usually, the TV stations 181 a-181 c receive non-locally producedprogramming from a network or programming source, such as source 184. Ifthe distance is great, a link with a satellite 186 is needed. Typically,each local TV station would have its own satellite dish and receiver toreceive these non-locally produced programming from the source 184. Inother cases, a distribution center 180 is provided with a satellite dishand receiver which then delivers the programming to the appropriatelocal TV station 181 a-181 c via lines 182 a-182 c. Typically, thedistribution center 180 is associated with a particular network (e.g.,NBC) to serve several nearby local TV stations who are also affiliatedwith the same network but which serve different local regions (with someoverlap).

The infrastructure for radio stations is similarly structured as shownin FIG. 24. Thus, a radio station 181 a has local programming as well asnetwork programming and syndicated programming (e.g., Howard SternShow). The non-locally produced programming are received from thenetwork or program source via satellite. The locally-produced programsoriginate from the radio station itself normally. The user 185 has aradio/stereo system with speakers and an antenna.

5.1.2 Broadcast Media Coupon Transmission

A coupon is a sales item that a merchant distributes to the mass publicor a limited set of the mass public (i.e., targeted consumers) topromote his store (web or otherwise), product line, service line, orother business. The hope is that after redemption of the coupon, theconsumer will like the product or his “visit” to the store just enoughso that the consumer will buy that coupon or visit that store again.With this initial step, the merchant hopes to breed brand or storeloyalty with this consumer. Usually, coupons are found in print media(e.g., newspapers, magazines) or on ad banners in certain web pages.But, as mentioned above, coupon distribution via the print media or theInternet is inefficient and ineffective.

Use of a special card that simply records time slices of sound forplayback to a centralized pattern recognition server that correlateseach slice to a coupon is discussed more fully below. But incircumstances where a more brief and reliable way of communicatingcoupons is desired, or in information environments that are too datarich for convenient implementation of a pattern recognition server,another method of communicating coupons to a card from an ordinarytelevision, radio or sound device will now be discussed.

In accordance with one embodiment of the present invention, coupon datacan be either in the audible frequency range or ultrasonic range. Thesedata are mixed with normal programming so that when the user is watchingTV or listening to the radio, he can collect coupons in a relativelysimple manner. The television or the radio set itself is a passivedevice; that is, it receives electromagnetic signals, demodulates them,and presents the information in the signals to the user via the TVscreen and speakers. Thus, the TV set or radio set itself does notgenerate any coupons; rather, it merely presents what it receives fromthe program/channel source.

Accordingly, the coupon data are mixed at a point somewhere along (andincluding) the communication path between the network/channel/programsource and the user. Taking the exemplary cable infrastructureillustrated in FIG. 23, the coupon data can be generated with theprogram at the program source, such as program source 175 a. In oneexample, the studio that makes a particular movie or TV show can “place”a coupon into the plot of the show. Much like product placement, theproducers of the TV show could, for example, create the data stream (seeFIG. 5(B)) by electronically synthesizing it. In this example, thissynthesized data stream is audible. During the making of that TV show,an actor could announce on-air, “Please take out your XYZ card toreceive a free gift or coupon. In just a few seconds, the coupon will bedelivered to you.” A second method will be to show a special visual markat the corner of the screen at the beginning of the commercial andremove it when it is over. At this point, the audible data stream isplayed. This is recorded as part of the show. Of course, the context ofthe TV show is such that this announcement will not seem out of place orinappropriate. The TV show could be a home shopping network or astandard sitcom. When this TV show, which was recorded sometime in thepast, is finally broadcast on TV, and the user watches it, he will beable to download the coupon at the proper time. So, when the scene wherethat actor makes that coupon announcement is shown, the user merelypoints his electronic card to the TV speakers and receive the audibledata stream for storage in his card. The user now has the coupon or giftin his electronic card. Of course, only those users with the electroniccard can interact with the TV in this manner to receive this coupon. Inthis case, the coupon is provided within the show itself and therefore,no mixing of the data stream with the audio tracks is necessary.

In an alternative embodiment, this embedded audio data could be playedrepeatedly throughout the broadcast of this show so that the user neednot time his recording precisely. Thus, whenever this show is on, theuser could record a portion of the broadcast and since the embeddedaudio data is looped over and over again, the user is assured ofcapturing this data in his electronic card.

For the most part, however, the merchant of the coupon do not want to beindelibly linked to a TV show, radio show, or movie forever. In thiscase, the data stream containing the coupon data is mixed with the audiotracks at another point in the broadcast link. If the merchant has someagreement with a channel or network source, such as HBO or CBS, he canensure that his coupon his placed with certain shows for a certain timeperiod. If the merchant's agreement runs for one year, he may specifythat every episode of CBS's “60 Minutes” for the corning year should airthe merchant's coupon at some specified time. Although “60 Minutes” isproduced like always, the CBS channel source that is responsible fordistributing the show to its affiliates mixes the merchant's coupon datastream with the audio tracks of “60 Minutes”. The CBS channel sourcealso provides some visual indication of when the data stream will beplayed to alert the viewer to get his card out for the download. Thisshow is then provided by CBS to the headend 170 b (FIG. 23) which thendelivers “60 Minutes” along with other programming to the appropriateheadend 170 a for regional distribution. When “60 Minutes” is finallybroadcast on cable TV, the user merely takes out his card at theappropriate time (which is specified) and downloads the coupon.

Similarly, a merchant may buy certain 30 second or 1 minute commercialslots to be played during commercial breaks of a TV show. The merchantmay record the data stream in his commercial so that when the commercialis finally played, the coupon data can be played and the user candownload the coupon.

Similarly, the mixing of the coupon with the programming (or commercial)may occur at the headend 170 b or 170 a. Normally, the headendassociated with the cable service has commercial slots of its own tosell. Some of the merchants buy these commercial slots and much like theabove TV commercial, the merchant records the coupon data stream withthe commercial so that when the commercial finally airs, the coupon datastream is emitted and the prepared user can download the coupon. Theheadend could also mix coupon data streams on its own with the audioportion of the programs that are aired. A headend that is responsiblefor a region can strike deals with local merchants who want to air theircoupon data stream. In this manner, local merchants can distribute thecoupon data to the subscribers in the region of interest at a price muchlower than the national merchant who wants to advertise nationally. Thisis similar to paying for local advertisement time on local TV channels.

The same principles apply to the conventional TV/radio broadcastinfrastructure. The coupon data stream can be recorded or mixed at theproduction studio (e.g., for shows and commercials), the network source(e.g., CBS), and the local station (e.g., station KXYZ). Each entity inthis broadcast link can strike its own deals with merchants who want toprovide coupon data to users.

When the data stream is emitted by the speaker of the TV or radio, theuser normally points his electronic card in the direction of the soundand presses the RX button to receive and download the data. The cardthen turns off after the data has been received. If more coupons areavailable, the user can activate his card and receive more coupons. Thenumber of coupons stored in the card is limited by the storage space.

Referring to FIG. 5(B), the data stream includes a data portion. Thisdata portion can be any length and can contain any information. In thecoupon case, the data portion may include a merchant ID and a couponnumber. The coupon redemption scheme relies on these two pieces ofinformation to authorize the redemption.

In another embodiment of the present invention, the coupon data aretransmitted to those subscribers with set top boxes. Set top boxes arenormally used for interactive TV as well as certain premium cableservices (e.g., AT&T Cable Service's Expanded Service with DigitalCable). For these cable services, these set top boxes also provide someelectronic TV program guide functionality so that the user can simplyselect his channel using his on-screen program guide rather thanentering the channel number directly. Of course, the user can stillenter the channel number directly if so desired.

For this embodiment, the coupon data are transmitted during off-peakhours (e.g., early in the morning) once a day, or during the verticalblanking intervals (VBI). As the coupon data is transmitted, the set topbox receives and records them for later playback as necessary. Thus,instead of the coupons being associated with a program, the coupons arenow associated with a channel or the electronic TV program guide. Theuser can turn to a dedicated Ad channel where he can scan the listedcoupons and select the ones he wishes to download. When he has selecteda coupon for download, he presses a button on his set top box remotecontrol (or his electronic card). The set top box then plays the audiofile that contains the coupon data. The user would of course have hiselectronic card ready and pointed toward the speaker. The coupon data isnow stored in his electronic card.

5.1.3 Broadcast Media Coupon Redemption

Assuming that at least one coupon is stored in the user's electroniccard, the user has several options to redeem his coupon:

-   (1) Password-based Internet Manual Redemption—access the coupon    sponsor's website and redeem manually via a password-   (2) Internet Automatic Redemption—access the coupon sponsor's    website and redeem automatically-   (3) Store Redemption—physically visit a store and manually redeem at    the checkout line/kiosk

These redemption schemes will now be discussed. In the preferredembodiment, the automatic form of redemption if favored over the manualredemption, although both are feasible.

5.1.3.1 Password-based Internet Manual Redemption

Password-based Internet Manual Redemption implies that the user mustenter some key sequence with his computer keyboard to redeem his coupon.In one embodiment, the user's electronic card includes an LCD display.In this embodiment, the user accesses the website associated with thestored coupon. Eventually, he navigates to the page where the couponredemption function is provided. He may even see a button on the webpage that says “Click here to redeem with your electronic card.” Whenthe user presses the button on the web page, the web page asks the userto press the RX switch on his electronic card. The web page plays anaudio file which includes what is hereinafter referred to as “redemptiondata” and the electronic card receives this audio signal and processesit.

Based on a known algorithm that checks whether the coupon is valid ornot (based on the merchant ID and coupon number), the electronic carddisplays a password. Simultaneously, the web page asks if the userreceived the signal properly. If not, the user can press that button onthe web page again to initiate the playing of the audio file. If theuser's electronic card received the audio signal properly and provided apassword, the web page provides a section that allows the user tomanually enter the password. The user then enters the password. The website checks to make sure that this is a valid password and if so,authorizes the redemption. If the password is not valid, the websitewill deny the redemption request. The user then proceeds in theconventional manner to either continue shopping or go to the checkoutline to claim his gift or otherwise apply his coupon to his purchase.

In this embodiment, the password is unique to this particular redemptionbecause the counter value and the individual ID (refer to the discussionabove with respect to FIGS. 5(A) and 5(B)) in the card have beenincorporated in the password generation. Thus, merely giving a friendthis same password will not enable this friend to “redeem” a couponbecause that password is unique to the electronic card holder and thatparticular transaction. Another electronic card user who downloads acoupon will have a different password.

In another embodiment, the special client software 114 (FIG. 11) plays amore important role. When the user navigates to the web page where thecoupon redemption function is provided, he may see a button on the webpage that says “Click here to redeem with your electronic card.” Whenthe user presses the button on the web page, the web page asks the userto press the TX switch on his electronic card. When the user presses thebutton on the web page, the web site delivers the redemption data whichis provided to the special client software. The user also activates theTX switch on his electronic card to transmit the coupon data to the PC.The PC processes the coupon data with the redemption data and generatesa password. The password is displayed by the PC and the user can enterit manually with his keyboard into the web page. The web site checks thepassword and either authorizes or denies the redemption request.

In the above two examples, the user's electronic card may hold severalcoupons. The processor checks each coupon separately with the redemptiondata to generate the password. For those coupons that are not associatedwith a particular merchant's redemption data, they are ignored.

Note that these password or two-factor security schemes are, as apractical matter, less convenient to the user. So, these two-factorsecurity schemes will be employed if security is paramount. If, however,convenience is paramount, such as for online shopping, these two-factorsecurity schemes will not be employed. The user only needs theelectronic card itself to conduct his online shopping.

5.1.3.2 Internet Automatic Redemption

Internet Automatic Redemption implies that the user need not enter anykey strokes with his computer keyboard to redeem his coupon.Furthermore, the user's electronic card need not have an LCD display. Inthis embodiment, the user accesses the website associated with thestored coupon. Eventually, he navigates to the page where the couponredemption function is provided. He may even see a form on a web pagethat requests, “Please enter the coupon redemption number.” The userthen presses the TX switch on his electronic card which transmits hiscounter value, individual ID, and the coupon data. If more than onecoupons are stored in the electronic card, all coupons are transmittedto the PC.

The special client software 114 (see FIG. 11) receives the data anddisplays a dialog box with some choices and asks the user which couponhe would like to redeem. The user selects the choice that corresponds tothe coupon he wishes to redeem. The special client software then fillsout the web page form with the coupon redemption number (which mayincorporate the individual ID, counter value, and coupon data) and sendsthe form back to the web site. The web site checks the coupon data aswell as the user's individual data and counter value to ensure that thisuser is a valid card holder and eligible to receive this coupon. Thecounter value is used to ensure that this same downloaded coupon cannotbe used again by some computer hacker who stole the coupon redemptiondata online. As described above, with each press of the electronic card,the counter value increments.

In another embodiment, when the user navigates to the web page where thecoupon redemption function is provided, he may see a button on the webpage that says “Click here to redeem with your electronic card.” Whenthe user presses the button on the web page, the web page asks the userto press the TX switch on his electronic card. When the user presses thebutton on the web page, the web site delivers the redemption data whichis provided to the special client software. The user also activates theTX switch on his electronic card to transmit the coupon data to the PC.The PC processes the coupon data with the redemption data and generatesa password. The password is not displayed and the software can providethis password to the web site automatically without the user everknowing the password. The web site checks the password and eitherauthorizes or denies the redemption request.

Again, the password is unique to this particular redemption because thecounter value and the individual ID (refer to the discussion above withrespect to FIGS. 5(A) and 5(B)) in the card have been incorporated inthe password generation. Another electronic card user who downloads acoupon will have a different password.

5.1.3.3 Store Redemption

In this embodiment, the user takes his electronic card to a conventionalnon-web store. Of course, the store sponsored the coupon he downloadedor otherwise sells a product/service of the company that sponsored thecoupon. He takes his electronic card to a kiosk, which is equipped witha PC. The user activates the kiosk to prepare it to receive the coupondata. He then activates the TX switch on the electronic card to transmitthe coupon data, along with his individual ID and counter value. Thekiosk receives the information and checks to make sure the coupon isvalid. If the store is a national or otherwise chain-type store, thischeck may occur at a designated network server that links other relatedstores. If the store is purely a local store, the check may be donelocally at the kiosk or a network server that serves that particularstore. If the check indicates that the coupon is valid, the kiosk maygenerate an actual paper coupon for the user to use at the checkoutline.

Note that in another embodiment, the system uses pattern recognition asdescribed more fully below. In this pattern recognition embodiment, thekiosk may “listen” for the recorded time slice of audio stored in theelectronic card and perform pattern matching.

In another embodiment, the user may simply go to the checkout line atthe store (with or without any merchandise, depending on the coupon). Atthe checkout line, the store has a computer that also functions as anelectronic cash register. Equipped with a standard sound device, thecashier asks the user to press his TX switch on his electronic card. Hedoes so and the coupon data along with his individual ID and countervalue are transmitted to the store computer. This transmitted data isnow checked. Again, like the kiosk case above, if the store is anational or otherwise chain-type store, this check may occur at adesignated network server that links other related stores. If the storeis purely a local store, the check may be done locally at the networkserver that serves that particular store. If the check indicates thatthe coupon is valid, the computer allows the user to redeem that coupon.If some merchandise is involved, the value of the coupon is applied tothe purchase of that merchandise. If a free promotional item is offered,the item is given to the user without charge. Thus, based on the natureof the coupon, the action taken after the check will vary.

Another redemption scheme involves the use of the magnetic strip on theelectronic card. A code would be written onto the magnetic strip portionof the electronic card as the user downloads coupons electronically offthe web or some media device. The logic circuitry necessary to writethis code onto the magnetic strip area exists in the form of magneticstrip writers. The various components to realize the magnetic stripwriter are manufactured in miniature form to comply with the electroniccard's form factor requirements. Appropriate software in the electroniccard would detect that a coupon was downloaded and stored in theelectronic card. This software would then instruct the magnetic stripwriter circuitry to write the redemption code onto the magnetic striparea of the electronic card.

5.1.4 Interactive TV Auction

In this embodiment, the television set is an interactive TV set,typically with a set top box. When a live auction is broadcast on one ofthe channels, the user is allowed to bid on an item by pressing the TXswitch of his electronic card. For example, assume that one of thechannels is an auction channel, perhaps even called “The AuctionChannel.” The Auction Channel broadcasts traditional auctions withperhaps live participants. However, in addition to live participants, TVviewers equipped with the electronic card of the present invention arealso allowed to bid on the item. Whenever the user presses the TXswitch, the electronic card sends out his individual ID, counter value,group ID, among other data. The two-way set top box receives the user'sdata stream and passes this data stream along to the variousdistribution hubs and headends that make up this return path.Ultimately, the user's data stream makes its way to the server of theAuction Channel for the particular auction he is viewing.

When the Auction Channel's server receives the user's data stream,performs an authentication check (i.e., the user is a valid user) andthe request is a valid request by checking the counter value, amongother data. When all the checks have cleared, the user's data stream isinterpreted as a valid bid by the Auction Channel's server and also bythe human auctioneer. This process can continue until the item has beenawarded to the winning bidder.

Alternatively, the user's data stream may go to a dedicatedauthentication server that is independent of the Auction Channel'sserver. Once authenticated by this authentication server, the user canthen use his conventional set top box remote control to bid on items forthat particular auction.

5.1.5 Content Recording for Search/Redirection

In another embodiment of the present invention, the electronic card canbe used for recording an audio clip of the raw content broadcast overTV, radio, or heard by the cardholder. Once the audio clip has beenrecorded, a variety of redemption schemes allow the user of theelectronic card to benefit from the recording. For the purposes of thispatent specification, the term “redemption” is used to denote any typeof action that the user takes to obtain something for recording thataudio clip with his electronic card. Basically, the redemption schemesinclude: (1) finding information that is related to or associated withthe audio clip more quickly and easily than conventional Internetsearching techniques; and (2) receiving coupons, incentive points, orother sales offers as a reward for watching that TVprogram/advertisement or listening to a particular radiobroadcast/advertisement. These redemption schemes can be implementedon-line over the Internet or at a conventional store. Details of theseredemption schemes are provided below.

5.1.5.1 Electronic card Hardware

Referring to FIG. 1 again, the electronic card 10 is now basically aportable digital recorder of sound. Audio, for example, from TV and/orradio can be recorded as an audio clip. Typically, only 5 to 10 secondsof the audio clip need to be recorded for the redemption scheme tosucceed. Thus, if a user missed the beginning of a broadcast, he neednot worry since recording any portion of the entire audio soundtrack issufficient for successful redemption. As for the quality of therecording, high fidelity level is not necessary and thus lowcomponent/fabrication costs and small form factor sizes can be achieved.

FIG. 20 shows one embodiment of the electronic card that provides theanalog recording function. This FIG. shows a two-way card, in which thereceiver portion 209 a functions as a sound recorder and the transmitterportion 209 b functions as a playback device. Power to the entire cardis provided by a power supply 207, which in one embodiment is a VartaLPF-25 battery. The power supply 207 provides power to themicroprocessor 205, the switch block 206, and the RAM 208 for batteryback-up.

The digital core of the card is a microprocessor unit 205, which iscoupled to a battery backed-up RAM 208. The RAM 208 needs to be batterybacked-up to keep the recorded sounds in memory for as long as the userdesires. In one embodiment, the microprocessor 205 manages the memory inthe RAM 208 in a first-in first-out (FIFO) scheme. In this manner, theoldest recorded and stored audio clip is played first (during playback).If not enough memory space is available, the microprocessor 205 erasesthe oldest recorded audio clip first. Thus, as more and more audio clipsare recorded and stored, more and more of the oldest stored audio clipswill be replaced by the newer audio clips if memory space becomes anissue.

For the analog front end portion, a transducer 200 and a switch block206 are provided. The transducer 200 can be either a singletransmitter/receiver transducer or two separate transducers (i.e., onetransducer functions as a microphone and the other transducer functionsas a speaker). The switch block 206 provides power to the entire card.In one embodiment, the card contains two switches—a record switch and atransmit switch. These two switches are provided in the switch block206. As described above, the switch block has silicon switches so thatwhen the user releases the switch too soon, the rest of the circuitry inthe card still has enough power to perform their respective functions.The recording feature will now be discussed. When the record switch ispressed in the switch block 206, power from the power supply 207 isprovided to the transducer 200 as well as the rest of the circuitry inthe card. Sound that is picked up by the transducer microphone isdelivered to the receiver portion 209 a of the card where it isamplified (amplifier 201), filtered (BPF 202), and gain controlled (AGC203) prior to being digitized (A/D 204). The digitized sound is providedto microprocessor 205 which stores the digitized recording in RAM 208.Because each recorded audio clip takes up only 5-10 seconds, the RAM 208must be large enough to support all the recordings that need to bestored. Typically, 5 seconds of sound take up approximately 500 KB ofmemory.

The playback feature will now be discussed. Having stored the sound inRAM 208, the recorded sound can be played by the user at any time. Whenthe user presses the playback switch in the switch block 206, therecorded sound stored in RAM will be played through the transducerspeaker of the card. Each press of the playback switch plays a singlerecorded audio clip in the order in which they were stored. Thus, thefirst press of the playback switch activates the playback of the oldestaudio clip file. The second press of the playback switch activates theplayback of the second oldest audio clip file. This process is circularso that after the newest audio clip file is played, the next audio clipfile to be played corresponds to the oldest audio clip file. Of course,one ordinarily skilled in the art can devise other similar schemes toplayback recorded audio. Multiple buttons can be implemented as well asa single button with multiple functions (or modes). Perhaps a deletebutton can be implemented so that the user can selectively delete thedesired audio clip.

The circuitry in the transmitter portion 209 b of the card is similar tothat of FIGS. 2, 7, 8, 9, and 10. However, in this embodiment, theswitch press activates a transmit routine that incorporates the audioclip file stored in RAM 208. A pointer is implemented that keeps trackof which audio clip to play. After each press of the playback switch,the audio file being pointed to is played, and the pointer then moves tothe next oldest audio file in RAM 208. In addition, the DES3 encryptionscheme which includes the use of the group ID, individual ID, andcounter values can also be used for authentication purposes. Thus, whenthe playback switch is pressed, an encrypted version of the audio clipfile along with other authentication data is transmitted to thecomputer's microphone. The server receiving this data can authenticatethe user and provide the pattern recognition search service for websiteredirection or coupon/incentive point collection, as described below.

5.1.5.2 Server Architecture

A server computer station 210 associated with the broadcast mediainteractive system in accordance with one embodiment of the presentinvention will now be discussed with respect to FIG. 21. At the core ofthe server 210 is a web server 215 b which interfaces with a databaseserver 212, a messaging server 215 a, an authentication server 213, andthe Internet 16. The web server 215 b is further coupled tocommunications lines 219 f (e.g., via a modem or network routerconnected to server 210) and the Internet 16.

In one embodiment, the web server 215 b performs many tasks related tothe management of the accounts, merchandises, coupons, incentive points,and soundtracks, music sales, sales of other services or merchandiseassociated with the recorded sound clips, or other information servicesrelevant to the card issuer. From executing code for any number ofdifferent applications, managing resources, handling web requests,managing files and records, creating files and records, deleting filesand records, delegating tasks, and handling exceptions, the web server215 b provides the main processing for the server 210. As noted above,this functionality, in other embodiments, could be distributed acrossmultiple hardware servers.

The web server 215 b also works with a messaging server 215 a via line219 d (e.g., the system bus or a network connection to another hardwareserver) and a database server 212 via line 219 b. The messaging server215 a works with the web server 215 b via line 219 d and is alsoconnected to the Internet via communication lines 219 e. The messagingserver 215 a provides various messaging functionality in variouscommunications media such as telephone, email, instant messaging, activedesktop application, and web browser notices. For example, email noticessuch as product news, discount updates, and customer service access areprovided via communications line 219 e. News of upcoming sales offersthat may interest the potential customer are delivered frequently. Also,any questions that a user may have may be directed to customer servicethrough the messaging server 215 a, which will direct the email to theappropriate personnel within the customer service department. As notedabove, various forms of instant messaging as are well known in the artcould replace some or all of the functionality of messaging server 215a.

Note that communications lines 219 e and 219 f are standard interfacesto the Internet (e.g., an Ethernet or other network interface to arouter and CSU/DSU, modem, etc.) or across machines which are typicallyEthernet-connected at the “back end” of the network.

In another embodiment, the web server 215 b and messaging server 215 aare integrated in an Internet server 215. The interface to the Internet16 is provided by primary communications line 219 f (line 219 e is notimplemented). Thus, all web traffic passes through this Internet server215 via communications line 219 f. The messaging server 215 acommunicates with the web server 215 b and the back end of the system(e.g., database server 212).

The database server 212 performs many tasks related to the creation,deletion, and management of various files and records managed by theserver 210. The database server 212 supports the web server 215 b inaccomplishing its tasks of running the redemption portion of thebroadcast media interactive system. The database server includes amanagement tools and web page information unit 212 a and a patternrecognition search engine unit 212 b. The management tools and web pageinformation unit 212 a provides exactly that—tools for the web pageadministrator to update, modify, and troubleshoot his web site. The webpage information is also provided herein so that the web server 215 baccesses the web page information from this unit 212 a. Thus, when auser logs into the web page associated with server 210, the look andfeel of this web page is stored in the unit 212 a. However, the webserver does not access the unit 212 a for each access of this web page;rather, the web server 215 b accesses the web information in the unit212 a only periodically to update its contents. The pattern recognitionsearch engine 212 b will be discussed in greater detail below.Generally, however, the pattern recognition search engine 212 b performspattern recognition matching functionality between a user-submittedaudio clip and the soundtrack files in the soundtrack database 211 d.

The database server 212 serves a database of content to be operated oraccessed in conjunction with card operation. For example, that databaseserver 212 can serve an incentive points database 211 a, a coupondatabase 211 b, a merchandise database 211 c, a soundtrack database 211d, and an account database 211 e. These databases 211 a-211 e arecoupled to a communications line 219 a and to the database server 212.

These databases on communications line 219 a comprise the “back end” ofthe system. Note that the common bus-like illustration of thecommunications line 140 is merely conceptual. The databases may notactually be on a common bus. These databases may be widely dispersedgeographically or integrated into one database. Also, some of thedatabases may be on a common bus while others may be located remotelyand accessed via the Internet.

The incentive points database 211 a contains various incentive pointsbanner ads and programs. Additionally, the prerequisites for earningthese incentive points are also stored herein. Similarly, the coupondatabase 211 b contains various coupon information that is eitherdisseminated via the messaging server 215 a or awarded to certain userswhen certain requirements are satisfied. Also, the merchandise database211 c contains various merchandise information that can be purchased byusers or awarded based on satisfying certain requirements. Thesedatabases 211 a-211 c can also contain links to specific web pagesassociated with the incentive point, coupon, or merchandise so that theuser can be properly redirected to that website. In another embodiment,these databases do not contain ads, programs, coupons or information;rather, these databases contain only links where the user can beproperly redirected for more detailed information. The websiteassociated with the link has the programs and coupons that are awardedto users. If necessary, these websites communicate with the accountdatabase 211 e to keep credits, debits, and points information.

The soundtrack database 211 d contains soundtrack files for those TVprograms, TV ads, radio programs, and radio ads of companies that areparticipating in this broadcast interactive system. This soundtrackdatabase could also just be a collection of music from a given genrethat is available for sale. That is useful for implementations in whichcardholders know that they can operate their card to identify that sortof music. For example, a “top 40” card or a “country & western” cardmight be considered. The various incentive points, coupons, andmerchandise are awarded in conjunction with some matching functionperformed by the pattern recognition search engine 212 b against thefiles in the soundtrack database 211 d. Alternatively, the matchingfunction results in the user being redirected to the website that isassociated with the matching soundtrack file.

For example, assume that a requirement for winning a certain number ofincentive points or a particular coupon or a particular merchandise isproviding proof that the user watched a particular ad that appeared inconjunction with a certain TV show (e.g., ABC Corporation's ad in an“X-Files” episode). One form of proof that the server 210 will accept isthe audio clip recorded with the electronic card 10 (FIG. 1). The userrecords an audio clip from that advertisement (perhaps the jingleportion of the ad). The user then accesses the website associated withthis server 210 with his browser and plays back the recording. Thepattern recognition search engine 212 b compares the user's audio clipto those stored in the soundtrack database. If a match is found betweenthe user's submitted audio file and a soundtrack file in the soundtrackdatabase 211 d as determined by the pattern recognition search engine212 b, then the incentive points, coupons, and/or merchandise areawarded to the user who submitted that audio file.

Analogously, the successful match may result in the user beingredirected to a particular web page where he can get more information onthe product/service that was advertised in that TV ad. For example, if auser recorded an audio clip from a commercial featuring XYZCorporation's coffeemaker, the pattern recognition search engine wouldthen match the user-submitted audio clip with the appropriate soundtrackfile associated with XYZ's coffeemaker. The match results in the userbeing redirected to the website associated with the XYZ coffeemaker.

In another example, the user may record a sound clip from some musicthat he heard over the radio. Although the user is unsure of the music'sidentity, he knows that he “likes” it. He accesses some central musicwebsite where he plays his sound clip. The pattern recognition softwareidentifies the music and provides for the user the various CDs and othermusic forms (e.g., MP3) that are available for purchase. Thus, withoutknowing the title or artist of the music that he just heard on theradio, the user is able to identify and purchase that piece of music bymerely recording a sound clip from that music and playing it back to acentral website. This is especially useful because in most cases, theradio station rarely identifies the title (or even the artist) of apiece of music prior to actually playing that piece of music over theair. Usually, this identification occurs after the music is played.Sometimes, the radio disc jockey identifies this music along withseveral other songs that have also aired, which complicates theidentification process for the user. Not only does the user have tomatch the identification with the actual song he heard, but he may haveto wait for quite some time before the radio disc jockey makes theon-air identification. With this embodiment of the present invention,the user merely records the a clip of the song and play it back to acentral music website. The music website will identify the musicimmediately and also suggest CDs that contain that song to purchase.

The memory 214 provides support for the database server 212 and theauthentication server 213 so that these servers can serve all the userrequests coming in. For example, hundreds if not thousands of users maybe accessing this server 210 to submit audio clips. These audio clipsare temporarily stored in the memory 214 until they are served by thedatabase server 212, the authentication server 213, or both. The patternrecognition search process also requires some memory space to performthe match functions.

The account database 211 e contains information about each user'saccount. Normally, only a user with an account (i.e., member) get thebenefit of this broadcast media interactive system with points, coupons,and merchandise. The account information includes account balance(points or otherwise), expiration date for each point or group ofpoints, redemption information, credit card information, billinginformation, billing address, and whether the account is authorized forusing points for credit. Although this embodiment illustrated in FIG. 2shows the account database 211 e integrated with the rest of the server210, another embodiment may have the account database located in a thirdparty's server and maintained by the third party.

These databases 211 a-211 e contain appropriate linking fields so thatan entry in one database can be associated with a related entry inanother database. For example, when a user earns incentive points fromthe incentive points database 211 a, that user's account in the accountdatabase 211 e is appropriately updated.

In another embodiment, the incentive points database 211 a, the coupondatabase 211 b, and the merchandise database 211 c are integrated intoone database. The soundtrack database 211 d and the account database 211e, however, are kept separate. In still another embodiment, thesedatabases are distributed across one or more machines. These machinesare coupled via communications line 219 a to the database server 212.These databases comprise the “back end” of the system which the Internetserver 215 access.

The authentication server 213 provides security functionality so thatonly those users with a proper account can access the features providedby the server 210. In particular, the data stream of the electroniccard, which includes the group ID, individual ID, counter value, and rawdata, can be encrypted. These fields can be checked against the accountdatabase to ensure that the proper user (individual ID, counter value)associated with a proper participating merchant (group ID) is accessingthe system. Of course, the audio clip (i.e., raw data) is used only whenthe user has been authenticated. The authentication server also ensuresthat only those users with the properly sponsored electronic card (whichperforms the encryption and frequency translation (e.g., to ultrasound))can access the server. Thus, anyone with a standard tape recorder cannotmerely record an audio clip of a TV commercial, access the websiteassociated with server 210, playback the audio clip, and obtain thedesired service (e.g., redirection) or item (incentive points, coupons,merchandise).

In another embodiment, the authentication server is not implemented sothat, for example, any user with a tape recorder could record therelevant audio clip, access the web site associated with server 210,playback the recording, and obtain the desired service or item, so longas the user is a member (i.e., has an account in the account database211 e) or opens a new account. This aspect, however, might be less thandesirable because of the lack of convenience that the electronic cardwould otherwise provide. Still, the basic audio recording and playbackfunctionality required by the system could be so provided.

The pattern recognition search engine (212 b in FIG. 21) will now bediscussed. In particular, the pattern recognition search functionalityin the pattern recognition search engine will be described. Referringnow to FIG. 22, the 5-10 second audio clip that was submitted by theuser is represented by reference numeral 220. This audio clip is sampledat sampling block 221. In one embodiment, the sampling rate is 2,000samples per second. The sampled audio clip is presented to anormalization block 222. The normalized audio clip is then presented tofiltering block 223 to remove undesired frequency components.

A time slice block 224 receives the filtered audio clip. This time sliceblock divides the audio clip into time slices, where each time slice isapproximately 20-50 msec in duration. Each audio file in the soundtrackdatabase 211 d (in FIG. 21) has also been divided into time slices. Thesearch for a match between the user-submitted audio clip and one or moreaudio files in the soundtrack database 211 d (in FIG. 21) involvescomparing time slices of the user-submitted audio clip and time slicesof the audio files in the soundtrack database. The length of each timeslice in the pattern recognition search engine 211 d (in FIG. 21) shouldbe short enough to make the match process time-invariant. In otherwords, the incoming audio clip submitted by the user is a 5-10 secondclip from any portion of the soundtrack that aired on TV or radio. Oneuser may start recording as soon as the soundtrack began, while anotheruser starts recording 4.2 seconds into the soundtrack. No two users mayrecord the same section of the broadcast soundtrack. To compensate forthis time variance, the match process must make the time slices shortenough so as the make the search engine time invariant. On the otherhand, each time slice must not be so short that the match process wouldbe too computationally intensive requiring a very fast processor.Analogously, if the time slice is too long, the pattern recognitionsearch engine may not find any match whatsoever.

For each time slice, a feature calculation block 225 performs featurecalculations. The feature calculation block 225 attempts to extract someusable feature for each time slice. Typically, the feature calculationblock 225 performs some time domain to frequency domain transformationprocess. In one embodiment, the feature calculation block 225 performs aFourier Transform on the data in each time slice. In another embodiment,the feature calculation block 225 performs linear predictive coding(LPC) on the data in each time slice. In still another embodiment, thefeature calculation block 225 performs a power spectral density on thedata in each time slice. However, the present invention is not limitedto such time-to-frequency domain transformations. Other transformationsas known to those ordinarily skilled in the art of pattern recognitionsearch technology can be applied.

Based on the feature calculation for each time slice, a comparator block226 attempts to find a match between each time slice from the audio clipsubmitted by the user and the time slices in the soundtrack database 211d (in FIG. 21). In one embodiment, a time slice associated with theuser's audio clip is compared with each time slice in the soundtrackdatabase. The calculated features in each time slice are compared toeach other. The audio file in the soundtrack database that provides theclosest match for this initial time slice results in the search engineproducing a hypothesis where that audio file in the soundtrack databaseis considered a match. This hypothesis will be tested in block 227 asmore time slices associated with the user's audio clip are compared tothe soundtrack database. The check hypothesis block 227 creates a tableor a list of soundtrack files that have successfully matched the timeslices in comparator block 226. When the number of matches for aparticular soundtrack file exceeds some “high confidence” threshold,then the particular soundtrack file is considered a match with highconfidence. Alternatively, if a particular soundtrack file exceeds some“medium confidence” threshold (which is much less than the “highconfidence” threshold) of matches and no more time slices are availablefor further comparisons, then that particular soundtrack file isconsidered a match with medium confidence. Similarly, if a particularsoundtrack file exceeds some “low confidence” threshold (which is muchless than the “medium confidence” threshold) of matches and no more timeslices are available for further comparisons, then that particularsoundtrack file is considered a match with low confidence.

Also, if a particular soundtrack file does not exceed the “lowconfidence” threshold and no more time slices are available for furthercomparisons, then the pattern recognition search engine will determinethat no match exists. Alternatively, the pattern recognition searchengine may determine that a match with negligible confidence exists forthis latter case.

5.1.5.3 System Operation

In this section, the recording of content will be described first,followed by the various redemption schemes. In general, a user need tomerely press the record button on his electronic card when a TVcommercial, TV program, infomercial, radio commercial, or radio programis being aired. However, to get any benefit out of this broadcast mediainteractive system, the broadcast content must have a correspondingsoundtrack file in the soundtrack database 211 d (in FIG. 21). Normally,the soundtrack can include the entire audio from the content, whetherit's an hour-long drama, a two-hour long TV movie, a half-hour sitcom,or a thirty-second commercial.

The operation of the server in FIG. 21 can be done centrally or indistributive fashion. In the central operation scheme, only one websiteor entity would own and operate the server of FIG. 21. Accordingly, allusers must come to this entity's website to request pattern recognitionsearch services to obtain the coupons, incentive points, salesinformation or to be otherwise redirected to the proper website wherethe user can receive coupons, points, and sales information. Usually,the owner of the server of FIG. 21 negotiated some type of arrangementwith a merchant (XYZ Corporation for ads, commercials, infomercials), TVnetwork (e.g., ABC, CBS, NBC, Fox), cable service provider (e.g., AT&TCable Services), satellite service (e.g., Direct TV), local TV station,local radio station, and the like. This arrangement includes placing thesoundtrack of the program or the commercial in the soundtrack databasefor pattern recognition searching purposes. Without such an arrangement,the user can record any content he pleases but he will not be able toredeem it for any value in return.

In the distributed scheme, any web merchant, network, cable provider,local station (TV, radio, or otherwise), and the like can own andmaintain its own server of FIG. 21. In this case, users would have to goto each web entity's website for service. If a user just recorded anaudio clip of a commercial on CBS, he may have to go to the website ofeither CBS or the company associated with that commercial. In thisdistributed scheme, multi-entity arrangements may not be necessary.

For example, assume that CBS wants to increase viewership of certain TVprograms. To utilize the various embodiments of the present invention,the electronic cards must be distributed to users so that they will usethem when watching TV programs CBS and/or other entities may provide forcard distribution in any number of methods.

One method includes distributing these cards in the same package asanother product. For example, in a joint venture with TV Guide Magazine,CBS and TV Guide distribute these electronic cards as a securely placedinsert in the upcoming issues of TV Guide (with or without anyadditional price increase in the TV Guide). As another example, CBS anda certain XYZ Corporation agree to distribute these electronic cards inXYZ's compact discs (CD) in a joint venture to co-market CBS and XYZCorporation's CD division. When a user purchases an XYZ CD, the CDpackage includes a free electronic card.

In another distribution scheme, CBS may limit distribution of thesecards to some entity with a large membership base. For example, in ajoint venture with AOL, CBS and AOL agree to distribute these electroniccards to AOL members only. AOL members would receive these cards in themail. Similarly, VISA card holders may receive these electronic cards inthe mail as a result of some arrangement between CBS and VISA.

In another distribution scheme, the major credit card organizations(i.e., VISA, Mastercard, American Express) arrange for its memberissuing banks to distribute these cards to all new and existing cardholders. In this arrangement, CBS has no involvement in thedistribution, but rather benefits from having some other organizationhandle the distribution of the cards.

Whatever the card distribution scheme, assume for the purpose ofdiscussion that these electronic cards are now in the hands of users.CBS would of course market the use of these electronic cards via print(e.g., newspapers, magazines) and electronic media (e.g., TVcommercials, radio broadcasts, Internet newsgroups, CBS's website). CBSwould also have some arrangement with the server of FIG. 21 to carrysoundtracks of its programs and commercials in the soundtrack database211 d (in FIG. 21). Now, to increase viewership, CBS would marketcertain programs heavily. It mentions that by recording an audio clip ofa CBS program (or relevant portion of a CBS program, such as the openingcredits) or a commercial that appeared within a program's time slot, theuser could redeem the recording to earn coupons to various merchandise,earn incentive points such as mileage with a popular airline, win freemerchandise, or otherwise obtain some benefit. In this case, thebroadcast media interactive system benefits both the sponsoring entity(e.g., CBS, TV Guide, XYZ Corporation) by increasing viewership orproduct purchase, as well as benefiting the user.

Redemption schemes will now be discussed. Basically, the redemptionschemes include: (1) finding information that is related to orassociated with the audio clip more quickly and easily than conventionalInternet searching techniques; and (2) receiving coupons, incentivepoints, or other sales offers as a reward for watching that TVprogram/advertisement or listening to a particular radiobroadcast/advertisement. These redemption schemes can be implementedon-line over the Internet or at a conventional store.

In the first type of redemption scheme, the user would take hiselectronic card, which contains the audio clip of a TV program orcommercial, to his computer and access the Internet. The user initiallyrecorded this audio clip because he was interested in a particular TVprogram (if his audio clip was some portion of the TV program), or someproduct or company (if his audio clip was of some portion of a TVcommercial or radio commercial). The user wants more information aboutthat program, an actor/actress of that program, the network itself(e.g., CBS) carrying that program, the product that was showcased inthat commercial, or the company that makes/distributes that product inthat commercial. However, the use of a conventional search engine mightbe too complicated, inefficient, or both when he tries to find therelevant information on the web. The electronic card facilitates hissearching efforts.

When he accesses the website associated with the server of FIG. 21, thewebsite then instructs the user to play the recording to his PCmicrophone. He plays the recording. When a match occurs between theuser's audio clip and a file in the soundtrack database 211 d (in FIG.21), the server then redirects him to the relevant web page. Assume thatthe user was interested in a particular product in a TV commercial, theserver redirects him to the website of the company that makes or sellsthat particular product. In may cases, the user is directed to theparticular web page that has the detailed information about that productto simplify the process for the user. The user need not be directed to acompany website where he then has to wade through the tens or hundredsof pages of products that the company makes or sells. Rather, he isdirected to the very page that has all the information that the userdesires on that particular product. From here, the user can accessinformation about the company that makes or sells that product, ifdesired.

Assume that the user is interested in finding more information about aparticular actor who appeared in a television program. While watchingthat program, the user would record an audio clip of a portion of thatprogram. He would then playback this recording in the manner describedabove as instructed by the website. The website associated with theserver of FIG. 21 would then perform a pattern recognition search of thesubmitted audio clip. If a match occurs, the website would then redirecthim to a web page that corresponds to the TV show he was watching. Fromthis website, the user can then find links to the actors in thisprogram, including the actor he is interested in, and access the linkedweb pages to obtain more information about that actor. If desired, theuser can also obtain more information about the network that broadcastthat TV show, the studio that made that TV program, or a whole host ofother information related to that TV program.

Similarly, assume that the user recorded an audio clip of a TVcommercial. In that commercial, the merchant advertised certain couponsor mileage points by going to his website and registering. The usertakes the recorded audio clip, plays it to the server via his microphoneacross the Internet, and waits for pattern match. The server theninforms the user that a match occurred (or no match), and redirects himto the merchant's webpage. Here, the user can register to earn hiscoupons or mileage points. In this case, the user's account balance ismodified to reflect the earning of the mileage points. This account canbe at either the website that the user was redirected to or the websiteof FIG. 21, where the account database 211 e is maintained. This exampleis also related to the second redemption scheme. However, in thisexample, both the redirection and the earning of coupons or points occurtogether.

As another example of this second redemption scheme, the user takes hisrecorded audio clip in his electronic card to the website associatedwith the server of FIG. 21. When he plays back the recorded audio clip,the server performs the pattern match search and generates some matchresult. If a successful match results, the user with the proper accountin the account database 211 e earns the advertised incentive points,mileage points, or coupons. These earnings are reflected in the accountdatabase 211 e associated with that user. The user can then redeem thesecoupons at any participating merchant and follow rules associated withtheir redemption, such as using the coupons prior to the expirationdate.

As mentioned briefly above, the user can also take his electronic cardto a conventional non-web store for redemption. Of course, the storesponsored the coupon that he saw (and recorded) on TV or radio orotherwise sells a product/service of another company that sponsored thecoupon. Sometime after recording the audio clip with his electroniccard, the user takes his electronic card to a kiosk, which is equippedwith a computing station or terminal. The user activates the kiosk toprepare it to receive the coupon data. He then activates the playbackswitch on the electronic card to play the recorded audio clip. The kioskreceives the information and delivers the audio clip to a server orcomputing system that contains the pattern recognition search engine andthe soundtrack database. If the store is a national or otherwisechain-type store, this search function may occur at a designated networkserver that links other related stores. If the store is purely a localstore, the search may be done locally at the kiosk or a network serverthat serves that particular store. If the search indicates that thecoupon is valid (i.e., audio clip matches a soundtrack file), the kioskmay generate an actual paper coupon for the user to use at the checkoutline.

In a variation of this embodiment, the user may also simply go to thecheckout line at an actual conventional store (with or without anymerchandise, depending on the coupon). At the checkout line, the storehas a computer that also functions as an electronic cash register.Equipped with a standard sound device, the cashier asks the user topress his playback switch on his electronic card. He does so and theaudio clip is transmitted to the store computer. This transmitted audioclip is now checked with the soundtrack files in the soundtrackdatabase. Again, like the kiosk case above, if the store is a nationalor otherwise chain-type store, this check may occur at a designatednetwork server that links other related stores. If the store is purely alocal store, the check may be done locally at the a network server thatserves that particular store. If the check indicates that the coupon isvalid, the computer allows the user to redeem that coupon. If somemerchandise is involved, the value of the coupon is applied to thepurchase of that merchandise. If a free promotional item is offered, theitem is given to the user without charge. Thus, based on the nature ofthe coupon, the action taken after the check will vary.

Similarly, the user may go to a kiosk or customer service station. Whenhe plays the recorded audio clip, the kiosk or customer service stationinforms him the location of the merchandise associated with the recordedaudio clip. The user can then find his item in that store with relativeease.

5.1.6 Bookmarks for Broadcast Media

In a variation of the content recording embodiment, the audio clip canbe used to keep a “virtual bookmark” in the electronic card with respectto the broadcast content. Later, when he access the Internet, he canplayback his recording at a central website. Once the patternrecognition functionality in that website finds a match, it directs himto the website associated with that recorded content.

Typically, when a user is watching television or listening to the radio,he may be interested in particular content that just aired. However, hehas no easy momentary access to the Internet to look up that content. Insome instances, even if he has easy momentary access to the Internet, hedoes not want to look for more information relevant to that contentbecause he wants to continue watching/listening to the broadcast that isairing. In these cases, the electronic card can be used to record anaudio clip of the broadcast. By doing so, he has stored a virtualbookmark to a web address.

Later, at his convenience, he can access the web and go to a centralwebsite. This central website has a pattern recognition functionality.When the user plays back the recorded audio clip, the patternrecognition software attempts to find a match. When it finds a match,this match is associated with a table that contains web addresses. Atthis point, this central website can redirect him automatically to thisweb address or simply display the web address for the user. This webaddress has more detailed information on the product/service that wasthe subject of the broadcast he just recorded. If the broadcast was acommercial, the recording would allow the user to later be redirected tothe webpage of the merchant associated with that commercial or evendirectly to the webpage of the product/service being advertised. If thebroadcast was a TV program, the recording would allow the use to laterbe redirected to the webpage of the network or production company thatproduced that program, or even to a fan webpage of that particular TVprogram.

Multiple recordings can be stored in the electronic card so that ineffect, the user is storing multiple “virtual bookmarks.” They areanalogous to bookmarks because web bookmarks on browsers allow the userto conveniently and quickly access a particular desired webpage withoutany searching. Similarly, the “virtual bookmarks” in the electroniccards allow the user to conveniently and quickly access a particularwebpage without any searching effort by the user.

In another embodiment, the “virtual bookmark” can be used to make arealtime purchase on a home shopping network channel. When the user seesan item on the home shopping network channel that he wants to purchase,he records an audio clip while that item is on display on TV. The userwould take this audio clip to his computer, access the home shoppingnetwork website, and playback the recording. When the patternrecognition software in the server detects a match, the user is giventhe option to purchase that item. Alternatively, the user could go to acentral website where the pattern recognition feature redirects him tothe home shopping network website based on the successful pattern match.Thereafter, the user navigates to the webpage containing the item or theredirection automatically takes the user to the webpage of that item.

5.2 Smart E-Wallet System

In accordance with one embodiment of the present invention, a smarte-wallet application is provided which allows the user to use theelectronic card in conjunction with a web browser to make on-lineshopping faster and more convenient. Essentially, the smart e-walletsystem according to one embodiment of the present invention allows theuser to automatically launch a browser, send the user ID and password tothe e-wallet server, and emulate the “fill” and “submit” buttons whenthe user is in a website's checkout line with the simple press of theswitch in the electronic card. More details are provided below.

5.2.1 Installation

The smart e-wallet system comprises the e-wallet client software, theelectronic card, software associated with the electronic card (DSP,sound card drivers, etc.) and an e-wallet server. The installation ofthe e-wallet client software and the electronic card software can beaccomplished using standard methods. In one embodiment, the user wouldalready have an electronic card that is sponsored by a merchant, portal,or some other entity that has an interest in distributing the electroniccards. The software installation process includes downloading theelectronic card software from the website associated with the electroniccard company and also downloading the e-wallet client software from thewebsite associated with the e-wallet company. These two separateprocesses will now be described.

Referring to FIG. 29, a log server 296 and a registration server 295 areprovided. In one embodiment, the log server 296 is operated by andassociated with the electronic card company and the registration server295 is operated by and associated with the e-wallet company.Alternatively, the log server 296 is operated by and associated with ane-wallet company and the registration server 295 is operated by andassociated with a typical web merchant. In other embodiments, both thelog server 296 and the registration server 295 are operated andassociated with a single company, whether electronic card, e-wallet, orweb merchant/portal.

Typically, the servers are NT-based systems that use the IIS platform tohandle Internet requests and feature a SQL server by Microsoft to manageand store the collected data. The log server 296 primarily handles userregistration of the electronic card, installation of the softwareassociated with the electronic card, and collects MIS data for later useand analysis.

As part of the registration and software installation process, the logserver stores and updates a list of users and their correspondingelectronic card IDs by name Note that while the server knows eachelectronic card ID, it does not know or have access to the electroniccard's secret key (i.e., MyEWallet password) which is generated by thehash function, as described further below in the security section of thepatent specification. The log server also prepares the installationsoftware and personal data file for each user. Finally, the log serverstores and retrieves each user's usage characteristics.

To start the installation process, the user accesses a website that isassociated with an e-wallet company, such as the website supported byregistration server 295 in FIG. 29. The user may also be asked toprovide other personal details including:

-   -   (1) full name (first, middle, last)    -   (2) email address    -   (3) electronic card number (or user ID)    -   (4) optional e-wallet profile name    -   (5) address 1    -   (6) address 2 (optional)    -   (7) city    -   (8) state/province    -   (9) zip/postal code    -   (10) home telephone number    -   (11) work telephone number    -   (12) interests/hobbies    -   (13) shopping preference    -   (14) household size    -   (15) household income    -   (16) Question for password    -   (17) Secret answer for password question

These are just representative information that the registration processrequires. Some information may not be requested at all. In anotherembodiment, the user need not manually enter these information; rather,the information is stored in the electronic card itself and the mereactivation of the card will provide this information to the server.

Since this registration server 295 is associated with the e-walletcompany only, the registration server 295 takes the user to the logserver 296, or the server operated by the company associated with theelectronic card. After all, the e-wallet company provides e-walletservice and software to many different types of people, regardless ofwhether or not they have the electronic card of the present invention.The company associated with the log server 296 provides theservice/software for the electronic card. Alternatively, the user mayhave gone directly to the website associated with the electronic cardcompany first. However, as described above, if the user happens to go tothe website associated with the e-wallet service first, that websitewill redirect the user to the website associated with the electroniccard company.

The log server 296 delivers a registration web page that requires theuser to enter the electronic card number. A dialog box can pop up toinform the user of the terms and conditions of the e-wallet/electroniccard program. When the user agrees, the log server 296 delivers thesoftware download page to the user. The user then downloads the softwareassociated with the electronic card which can include the data file forpersonal information. An application file also includes a one-time codewhich is similar to the electronic card's transmission of the Series inthe data stream. This one-time code is unique to each user and is usedlater in the smart e-wallet application for security purposes, asdescribed further below. The user then subsequently installs thesoftware using standard techniques, such as using an installation wizardprogram. The install wizard also tells the user how to install themicrophone and test the microphone, sound card, and the electronic card.At this point, only the software associated with the electronic card isinstalled. This software is similar to software 114 of FIG. 11.

Finally, the installed software sends the user to the website associatedwith the e-wallet system. Here, the user name and password are enteredby the installed software and the e-wallet client software isdownloaded. The e-wallet client software can then be installed using itsown techniques. The user is then notified that the installation of thesmart e-wallet application has been successfully completed. The entireinstallation process takes only a few minutes (with a 33.6K baud modem).

Of course, the separate e-wallet company-sponsored registration serverand the electronic card company-sponsored log server need not be twoseparate servers. Either, or both, companies can agree to operate asingle server that provides registration for e-wallet and registrationfor the electronic card.

Alternatively, the user may purchase a disk or CD-based softwarepackage, which he then installs in the conventional manner. Also, thesoftware could be bundled together with other pieces of unrelatedsoftware when the user purchases a computer from a store or directlyfrom a manufacturer. Once installed, the user can proceed to the websiteassociated with the e-wallet and/or electronic card and register.

The smart e-wallet system allows for multiple installations in multiplepersonal computers. Thus, a user could use the smart e-wallet systemfrom the home and the office with a single electronic card. Theinstallation procedure is as described above. However, a securitymechanism is provided to ensure that the subsequent installations arelegitimate. In the process of installing the software for the firsttime, the log server/registration server will provide the user threeunique information options (i.e., question and answer). The user mustprovide a response to one of these options. In subsequent installations,the registration server/log server will prompt the user with the samequestion. If the user provides a correct response, the server will allowthe new installation to proceed.

5.2.2 Operation

An e-wallet is a convenient application that allows the user to shop andpurchase items on the web with relative ease. Because the user hadregistered with the proper personal information such as name, address,phone number, credit card number, expiration date, and the like, theuser's shopping experience is a painless and positive one. Indeed, thisinformation may have already been entered by the card's provider. Whenthe user is about to purchase some item at a website, he goes to thecheckout line. Instead of filling out a form like he would normally do,he invokes the e-wallet application which contains all of his personalinformation. The e-wallet application would either fill out the formautomatically for the user or deliver equivalent information to thewebsite so that the sales transaction can be finalized.

Referring now to FIG. 29, the smart e-wallet application (which includesthe e-wallet client software and the electronic card software) is asingle tray application which is represented as an icon in the SystemTray by the Windows OS if the application is active. Typically, thesmart e-wallet application opens automatically on start-up. Of course,the user can turn off (i.e., close) the e-wallet application at any timeafter it has been opened by, for example, right clicking the tray iconand selecting “Exit.” The icon will then promptly disappear from thesystem tray. Conversely, the user can manually open the e-walletapplication from the Program Menu, or if a short cut has been providedon the desktop.

If the user has successfully registered with the e-wallet system (e.g.,registration server 295 in FIG. 29), the user can use the electroniccard 10 to gain instant access to a designated e-wallet “home” websiteand perform easy and secure purchases from that site. For the purpose ofthis patent specification, this designated “home” site is calledMyEWallet.

First and foremost, the computer station 14 is powered up and running.Secondly, the sound system is also running properly and active. When theuser clicks on the electronic card, the electronic card transmits a datastream which should be detected by the client software. The electroniccard software portion of the smart e-wallet application checks for avalid transmission (i.e., user password). It the transmission isinvalid, the user receives a security warning. If the transmission isvalid, the smart e-wallet application performs any number of functionsthat is context-sensitive. For the most part, the smart e-walletapplication checks the launch status (i.e., open or closed) of the webbrowser and the URL of the web page accessed. FIG. 30 shows a flowchartof this context-sensitive process.

The process starts at step 300. Step 301 checks to determine if the webbrowser is closed or opened. FIG. 29 shows a portion 290 of the computerscreen that displays the web browser. If the web browser 291 (in FIG.29) is closed, the smart e-wallet application launches the PC's defaultbrowser at step 302, accesses the MyEWallet website at step 303, andlogs the user into the website (steps 306, 307). If the user is properlyregistered, the web page opened will be the user's personalized webpage. The e-wallet interface 292 (in FIG. 29) will appear with the userID and password automatically filled in by the smart e-walletapplication as shown in step 306. Thereafter, the user ID and passwordare delivered to the MyEWallet website at step 307. If proper, the userhas now been logged into the MyEWallet website. The user can browser andshop as he pleases as indicated at step 308. At this point, the user'se-wallet which contains his personal information can be used to fill outa form or otherwise deliver these information to the website to finalizeany sales transaction. Note that the smart e-wallet application fills inthe user ID and password and submits them automatically to the MyEWalletserver to log in. Thus, the mere press of the switch in the electroniccard automates an otherwise manual process.

Returning to step 301, if the web browser is open, the smart e-walletapplication checks the URL of the current web page at step 304. If thecurrent URL is not MyEWallet, the smart e-wallet application opensanother window at step 305, accesses the MyEWallet web page at step 303,and logs in the user as described above. As in the first case above, thesmart e-wallet application fills in (step 306) and submits (step 307)the user ID and password automatically. At this point, the user proceedswith his web browsing and shopping in this second window. The previouslyopened first window is not associated with the smart e-wallet system soany tasks performed in this first window will not benefit from anyautomated tasks already performed by the smart e-wallet system. Inanother embodiment, the smart e-wallet system will access the MyEWalletweb page and log in the user in the first window, without opening upanother window. Thus, in this alternative embodiment, step 305 iseliminated.

Returning to step 304, if the browser is already opened to the MyEWalletURL but the user did not log in yet, the smart e-wallet applicationproceeds to fill in the user ID and password in the e-wallet interface292 (in FIG. 29) at step 306, followed by submission of the user ID andpassword to the MyEWallet server at step 307. If proper, the user islogged into the MyEWallet system and can now take advantage of thee-wallet system.

Once the user is logged into the MyEWallet server, the next click of theelectronic card performs other tasks. If the application is in the“fill” stage, the smart e-wallet application will fill out the form onthe current web page, just as if the user had clicked on the “fill”button with the mouse. If the form is completely filled out, the webpage would now be in the submit stage. The next press of the electroniccard emulates the press of the “submit” button.

The user can, of course, fill out the form himself. If any portion ofthe form is filled out, the smart e-wallet application detects that theweb page is in the “submit” stage. If the browser is already opened tothe MyEWallet URL and the application is in the “submit” stage, thesmart e-wallet application will submit the completed form on the current.html page to the appropriate server, just as if the user had clicked onthe “submit” button with the mouse.

During these user transactions with web merchants and portals, the smarte-wallet application sends usage information to the log server 296.Specifically, whenever the electronic card is activated, the log server296 gathers the following information:

-   (1) electronic card serial number (or individual ID)-   (2) group ID (i.e., sponsoring web merchant or portal)-   (3) server date and time-   (4) PC date and time-   (5) Counter value (or card click number)-   (6) Action performed by card (e.g., open browser, login to wallet,    press “fill” button)-   (7) URL of the website visited by the user

These data can be used later to monitor user on-line behavior so thattargeted marketing and advertising schemes can be employed.Additionally, if the user has some technical or other problems with thesystem, the appropriate customer service representative can assist theuser more effectively with these stored historical data.

5.2.3 Security

Generally, the e-wallet application in the client computer stationperforms two checks—(1) card signal is valid based on signal structure,and (2) card transaction is valid based on the counter value. Thesechecks must be performed in realtime whenever a sound is detected by thesound system of the PC. In one embodiment, the client computer stationchecks both card signal transmission validity and card transactionvalidity. In another embodiment, the client computer station performscard signal transmission validity and a remote server performs cardtransaction validity.

The sound system, and in particular the microphone, is active in thecomputer station. Accordingly, any signal or noise can be picked up bythe microphone. Noise or other random sounds should not trigger theoperation of the e-wallet client application. To trigger the operationof this e-wallet system, a proper signal from the electronic card has tobe detected.

As described above in the data format section of this patentspecification, the electronic card transmits f0, f1, sync byte, knownbyte, the data, and the CRC, along with start and stop bits at everybyte interval. The data portion consists of the individual ID and theSeries (which is generated by applying DES3 encryption on the key, groupID, and counter value). The transmitted signal that is generated by thecard has a unique structure, which the client software in the PC can useto detect a valid signal.

The e-wallet client software also has a table that was generated from aDES3 operation on the card signal so that the client can perform apseudo decryption function. This table has the following fields—cardsignal, counter value, and user password. Also, the e-wallet applicationkeeps track of the last counter value that was transmitted by theelectronic card (and detected by the e-wallet application) as anadditional check, as explained further below. In one embodiment, thetable includes 3,000 possible card signals that could be detected by thee-wallet client software. Based on the various possible card signals,the table provides corresponding counter values and user passwords.

When a signal (or noise) is detected, the e-wallet application firstdetermines if the signal is a valid electronic card transmission. If itis not a valid signal, the signal is ignored and no further processingis necessary. If, however, the signal is valid, the e-wallet applicationdetermines whether the card transaction is valid. The e-walletapplication determines card transaction validity based on the countervalue in the table based derived from the card signal structure. If thederived counter value in the table is greater than the counter valuethat was previously stored by the e-wallet system, then the cardtransaction is considered valid. Why?

The electronic card increments the counter value in the card each timethe card switch is pressed. Thus, if the current counter value of mycard is 24, this implies that I had pressed the card 23 previous times.This counter value of 23 is currently stored in the PC. When the userpresses the electronic card, the counter value of 24 is transmitted tothe PC and the card increments its internal counter value to 25. This24^(th) press of the electronic card is a valid transaction because thetransmitted counter value 24 is greater than the stored counter value of23.

If, however, an interceptor recorded the electronic card transmissionwhile the user pressed the electronic card when the 24 counter value wastransmitted, he may attempt to use this recording to break into theuser's account. At this point, the PC's counter value is now 24 becausethe user had just transmitted the counter value of 24. If theinterceptor attempts to log into the user's MyEWallet account by playingback the sound recording to the microphone, the sound recording wouldtransmit a signal that included the counter value of 24. The PC'scounter value is 24. Since the interceptor's signal's counter value of24 is not greater than the PC's counter value of 24, the cardtransaction is considered invalid.

Once the card transaction is considered valid, the smart e-walletapplication performs a two-factor on-the-fly authentication operation togenerate a MyEWallet password. As mentioned above, the electronic cardtransmits a data stream which, for the most part, is constant except forthe counter value. Accordingly, each transmission of the data stream inthe electronic card contains a one-time code and the individual ID (orcard serial number). Also, a one-time code is also generated by theserver that provided the software download during the smart e-walletapplication and provided to the client computer station. This one-timecode is stored in the hard disk during the software installation and isdifferent for each user. Upon determination of a valid transmission anda valid transaction, the smart e-wallet application takes the detectedone-time code from the electronic card and the hard disk-stored one-timecode and hashes them together to generate a MyEWallet password. Inanother embodiment, a simple XOR operation could be performed on thecard's one-time code and the hard disk-stored one-time code to generatethe MyEWallet password.

Multiple benefits are provided by this on-the-fly authentication scheme:

-   -   (1) Only the electronic card in accordance with the present        invention can be used to log into the MyEWallet server and        access the user's account. No other card can achieve successful        authentication.    -   (2) Since the hashing function generates the MyEWallet password        from both the electronic card's transmission and the one-time        codes on the hard disk, the password does not “exist” in either        location; that is, the MyEWallet password is neither in the        electronic card nor the client computer station's hard disk. A        hacker/virus will not be able to retrieve the electronic card's        secret ID (or password) from examining the user's computer hard        disk since the secret ID (and password) are not stored there.        The secret ID and password are not stored in the application's        .exe file. Similarly, even if someone stole the card, the        MyEWallet password cannot be determined since the MyEWallet        password is generated anew from the information from the        electronic card and information from the computer station.    -   (3) Because of the use of the always incrementing counter value,        the mere recording by an interceptor of one or more of the        electronic card's transmission and the subsequent playback of        that recording will not enable the interceptor to gain access to        the smart e-wallet system. As described above, the smart        e-wallet system only accepts card transactions with a counter        value that is higher than the counter value stored in the smart        e-wallet system.    -   (4) Because the one-time code transmitted from the electronic        card is unique for every transaction, the user need not remember        the password since the smart e-wallet system generates the        password for each transaction.

In another embodiment of the present invention, the counter value istracked by the log server. By doing so, a particular security problemassociated with PC-based tracking of the counter value is eliminated. Toelaborate on the problem, assume that the smart e-wallet application isinstalled and running in two PCs—one at home and the other at theoffice. One day, the home PC's counter value is 15 and the office PC'scounter value is 14. The user uses the office PC to purchase variousitems on the web. As a result, the counter value in the office PC is nowat 18. During the transaction where the counter value 17 was transmittedto the office PC, an eavesdropper recorded this card transmission. Hecould then take the recording to the user's home and if he somehowaccessed the user's home PC, he could log into the smart e-wallet systemand access the user's account. Why? The recorded transmission includesthe counter value of 17. The home PC checks for a valid transaction bycomparing the received counter value with the last counter value in thecomputer, which is 15 in this example. Since the received counter value(i.e., 17) is greater than the last counter value (i.e., 15) in thecomputer, the smart e-wallet system considers the transaction to bevalid.

In contrast, a server-based solution to the tracking of counter valuewould eliminate this problem altogether. Because the server tracks thecounter value, any recording of transmissions and subsequent playbackwould not enable the interceptor to access the MyEWallet account. Thecounter value in the recording would not be greater than the countervalue in the server, regardless of which computer (office or home) isused. Similarly, this problem would not be an issue at all even if thePC kept track of the counter value if the user used only one computerfor all transactions.

As mentioned before, the primary purpose of the authentication server isto authenticate users. To this end, the authentication server maintainsa database of the following that information associated with each user:DES3 keys; counter values; electronic card individual ID (or card serialnumber); electronic card group ID; and other secure personal informationsuch as user name, password, credit card number, credit card expirationdate, and the like. When a user wants to log into the smart e-walletsystem, the user presses the switch on the electronic card. Thistransmitted data is included in the request that is delivered to theserver over the Internet. When this request is received, the serverchecks the individual ID (serial number) of the card transmission.Remember, the individual ID is not encrypted. The server then decryptsthe data using DES3, checks to make sure that the individual ID isassociated with the group ID, and then checks the counter value. Referto FIG. 32 and the corresponding discussion below.

5.3 Web Transactions and Authentication

The use of the electronic card in accordance with one embodiment of thepresent invention provides many benefits for on-line web transactions.One problem with the current method of conducting sales transactionsover the web is that merchants and banks are concerned about cardpresence issues. In other words, because the merchants and banks cannotget your signature on the sales transaction slip like conventional storepurchases, the risk of repudiation of that sales transaction falls onthe merchant. How do the merchants know that you are who you say you areand are using your card as opposed to someone else's card? If a salestransaction is repudiated, the merchant does not get paid; the creditcard issuing bank loses some customer satisfaction; the acquirer bankloses some transaction cost for processing this repudiated transactionas well as experiencing some annoyance; and the relationship between theacquirer bank and the merchant can potentially deteriorate.

Generally speaking, the credit card fraud rules dictate that when atransaction is “card present,” the risk of fraud falls on the issuer. Ina conventional store purchase, the merchant processes the customer'scredit card by checking with the issuer before completing the salestransaction. When the credit card is cleared, the merchant finalizes thesales transaction. This is done in realtime. On the other hand, when thetransaction is “card not present,” the risk of fraud falls on themerchant. Usually, these transactions are the telephone or Internetorders where the reliability of the credit card actually being presentis low.

By using the electronic card of the present invention, the card presenceissues are significantly reduced. With the appropriate client side andserver side software, the only transactions accepted by theparticipating merchants, acquirer banks, and issuer banks are thoseinvolving the electronic card. The issuer bank (or even the credit cardorganizations) can require the merchant to only accept the electroniccard of the present invention or else the risk of fraud falls on themerchant. Customers will no longer be able to merely type in the creditcard number because these participating institutions will want somegreater assurance that the credit card is present during the salestransaction.

For example, assume that a company JKL, Inc. is a web portal. JKL hasbeen able to successfully sign on numerous merchants onto its website.In addition JKL has provided the electronic card of the presentinvention to all of its members. They instruct the member to use theelectronic card for all sales transactions conducted on their portal orwith merchants associated with the portal. With such an arrangement, theacquirer bank for merchant XYZ Company agreed to pay the merchant XYZCompany the full amount of all sales transactions conducted with theelectronic card. This acquirer bank believes that the use of theelectronic card minimizes card presence issues and the transaction istrustworthy. Similarly, the user of the electronic card is secure inknowing that his credit card number is not being broadcast throughoutthe web where it could be potentially intercepted and used elsewhere. Heknows that purchases made with merchants associated with the JKL webportal are bona fide legitimate purchases that he made himself (or anauthorized agent).

Similarly, a web merchant such as XYZ Company has a website. It providesthe electronic card to all of its members. The company requires use ofthe electronic card to conduct sales of its items. It sets up thispolicy to protect its members from unscrupulous credit card thieves andto ensure that its acquirer bank will guarantee payment for all salestransactions. The risk of repudiation is low for the merchant.

The following sections provide details into the credit cardinfrastructure that the electronic card of the present inventionsupports, some on-line authentication applications, some off-lineauthentication applications, and other web-related applications.

5.3.1 Credit Card Infrastructure

Referring now to FIG. 31, a simplified diagram shows the relationshipamong the various players for credit card transactions. The customer 314normally obtains a credit card from his issuer bank 313 (e.g.,CitiBank). He may have obtained the credit card by filling out anapplication or the issuer bank pre-approved the credit card and sent itto the customer. Regardless, the customer 314 has an account with theissuer bank 313. For all his transactions with the credit card, thecustomer 314 receives periodic statements of his activities from theissuer bank 313.

The customer 314 purchases merchandise or some service from a merchant311 whether web-based or conventional store-based. If cash is used, nocredit card-related issues are raised. However, if the customer uses acredit card, the various parties shown in FIG. 31 are involved at somepoint or another. With the credit card, the customer 314 can purchasegoods and services from the merchant 311. Sometimes, this salestransaction can be legitimate or illegitimate (e.g., stolen creditcard). But for the most part, this sales transaction is usuallyfinalized.

In order to be paid for a given sales transaction involving a creditcard, the merchant 311 sets up an account with an acquirer bank 312. Themerchant can select any number of acquirer banks to conduct itsbusiness. The acquirer bank 312 will honor the credit card-based salestransaction and pay the merchant 311 so long as the merchant 311complies with the rules governing their business relationship. Forexample, the acquirer bank 312 may require that a signature of thecustomer 314 be provided on the sales slip. For web transactions, theacquirer bank 312 may require certain security signing authorities beused to decrease the risk of repudiation. The particular deal betweenthe merchant 311 and the acquirer bank 312 can vary but usually involvesa small flat fee per credit card sales transaction or a small percentage(with a cap on the actual dollar amount) per transaction. In any case,the acquirer bank 312 also makes some money out of the sales transactionbetween the customer 314 and the merchant 313.

Of course, the acquirer bank 312 ultimately gets paid by the customer'sissuer bank 31, who in turn require corresponding payment from thecustomer, usually by check or money order. The issuer bank 313 alsomakes some money from the interest from customers 314 who do not pay thefull amount of the credit card balance by the due date.

Governing the behavior of the issuer bank 313 and the acquirer bank isthe government (not shown) and the appropriate credit card organizations310, such as VISA and MasterCard. Of course, the government regulatesthe banking industry heavily to protect consumers and the banksthemselves. The credit card organizations 310 control everything fromthe credit card itself (e.g., physical specifications, electricalspecifications, logo placement, photo placement, embossing) to creditcard readers and the communications protocol for on-line verification.Accordingly, the credit card organizations 310 place additionalrestrictions on the issuer bank 313 and the acquirer bank 312.

At times, a particular sales transaction can be disputed by the customer314 because: (1) the sales transaction is legitimate but the customercannot remember the transaction; (2) the sales transaction is notlegitimate and of course, the customer cannot remember the transaction;(3) the sales transaction is legitimate, the customer remembers thetransaction, and the customer still wants to dispute the transaction outof criminal intent; or (4) the sales transaction is legitimate, thecustomer remembers the transaction, and the customer disputes thetransaction price. To resolve the dispute, the customer 314 can call theissuer bank 313. For low priced items, the issuer bank 313 typicallycredits the customer's account regardless of whether the dispute or thesales transaction is legitimate or not. In other instances, however, theissuer bank may resort to actual proof that the customer's signature isprovided on the sales receipt. For web purchases, no signature isavailable to serve as such a proof. Any number of people with the creditcard number could have initiated and completed that sales transactionover the web.

The electronic card of the present invention alleviates these cardpresence issues. Various card distribution models are possible withinthe framework of this credit card infrastructure. The electronic cardcan be distributed or otherwise sponsored by any of the followingplayers: (1) merchant, (2) issuer bank, and (3) credit cardorganization.

First, a merchant, whether web merchant, web portal, or some othercompany with a web presence, can distribute the cards to its members andpotential members. If this company does not get involved in thedistribution of the electronic cards, it can sponsor the electroniccards instead. Thus, members can use the electronic card to purchasegoods and services over the web at any website associated with thiselectronic card. Of course, if multiple merchants are sponsoring thiselectronic card, the member customer can use the electronic card at anywebsite associated with these sponsoring merchants to make a purchase.

Similarly, an Internet Service Provider (ISP) can sponsor or distributethese electronic cards to its subscribers. In one embodiment, the ISPindicates to its subscribers the participating merchants that accept theelectronic card as a means of payment. Initially, this list ofparticipating merchants may be fairly limited but as more and moresubscribers use the electronic card, more and more merchants will acceptthe electronic card as the payment means instead of (or in addition to)the conventional credit card.

In another embodiment, the ISP could set up the authentication serverwith the smart e-wallet system. The subscriber initially logs into theauthentication server at the ISP and once authenticated, the subscribercan browse the web as usual and shop on-line. When the subscriberencounters a purchase form as a result of selecting a merchandise andgoing to the checkout line, the subscriber can use the form fillfunction of the smart e-wallet to complete the sales transaction. Referto the smart e-wallet system description above.

Second, the electronic card could be distributed by the issuer banks 313themselves. So, as customers 314 apply for credit cards, they receivethese electronic cards instead. However, these electronic cards could beused like the conventional credit cards because the electronic cardscomply with standard credit card form factor requirements. To theaverage customer, these electronic cards are no different from thestandard conventional credit cards with the magnetic strip, logo andembossed name, credit card number, and expiration date.

Third, and related to the second point above, the electronic card couldbe sponsored by or otherwise supported by the credit card organizations(e.g., VISA, MasterCard, American Express). Thus, all issuer banks mustprovide electronic cards that comply with the requirements specified inthis patent specification when distributing new or replacement creditcards to their respective member account holder customers.

In another embodiment, the issuer bank can bundle an online servicemembership with the credit card account. So, when a customer applies fora credit card, the issuer bank sends the customer the electronic card(which can also function as a conventional credit card with the magneticswipe) and an automatic online service membership. The first use of theelectronic card (when the user has accessed the online service company'swebsite) could affiliate the user with the account. With this bundling,the online service provider could keep track of various user-relatedusage data. The online service provider could then send membership (andcardholder) usage data to the card issuer bank.

The principle advantages of this bundling scheme to banks is that theyincrease the frequency and depth of interaction with their cardholders.The effect is to heighten the cardholders' awareness of the issuersbrand and services. This could lead to interesting opportunities, suchas maintaining more detailed databases on use habits to help make moretailored offers of additional services to the cardholder. The increasedpresence of the card in users' everyday experiences could also lead toincreased transaction volumes.

Moreover, the fact that users activate their cards more regularly thanthey would use a simple payment card leads directly to applications nototherwise possible. Issuers of cards under the present invention, byvirtue of network servers used to authenticate the cards, can be madeaware of when cards are being activated. Since the cards are being usedin the context of Internet sessions, issuers may assume that cardholderswill be present near their computers for some limited period followingcard activation. During that period of time, issuers can use theopportunity of a cardholder's presence to exchange useful messages withthe cardholder. Exemplary messages include notifying cardholders ofupcoming bill due dates, notifying cardholders of past due dates, andnotifying cardholders of special promotional offers or discounts.Ideally, the cardholder would also provide a mechanism for the user torespond immediately. Because the issuer knows that the user has a cardpresence, the issuer can even use that opportunity to conduct higherrisk transactions than they normally would in a card-not-presentatmosphere. Because of the presence of the card, the issuer might, forexample, allow balance transfers, withdrawals or bill payments to bepaid online.

Another embodiment for increasing interaction between issuers andcardholders integrates the cards with “push” technology, such as isknown in the art, for sending a priori messages to Internet users. Atany point during an Internet session (whether or not a card has beenactivated but preferably after), alerts that call for card activationcan be pushed out to the cardholder over the Internet. Exemplary alertsof this kind include notification of successful or unsuccessful bids forauctions or ‘reverse auctions’ (e.g. eBay, Priceline), as well as stocktrading alerts. Through integration of “push” technology to theelectronic card's client software, alerts can be conveniently deliveredto the cardholder. As is known in the art, “push” technology can deliversuch information as messages, content and patches to client software,without direct client request.

In one embodiment, a cardholder is pushed an alert, indicating that herbid to a reverse auction was not accepted. The user could then beprompted to activate their electronic card to authenticate theirre-entry to the bidding system in one step. This scenario saves time inthe re-bid process, and can reduce both customer drop-off rates inre-bidding, as well as re-bid repudiation. This scenario providesadvantage over the current system of unauthenticated, email alerts. Inanother embodiment, the user is pushed an alert indicating theirsuccessful bid. The user could then be prompted to activate theirelectronic card in order to print a record of their successful bid.

In another embodiment, the integration of the card with push technologyprovides users with the opportunity to pay bills securely. The clientsoftware could be configured by the user or service provider to receivebill payment alerts from merchants, utilities or financial services. Forexample, bill payment and presentment services could push payment alertsto customers, to remind them to pay their telephone and electricalutilities bills. In a similar fashion, online financial servicecompanies could remind users to make mortgage or margin payments, or tocontact customer service regarding returned checks. The userauthentication functionality of the card enables secure payment of suchbills in direct response to these prompts by operating a card.

5.3.2 On-Line Authentication

In accordance with one embodiment of the present invention, the on-lineauthentication works in a manner similar to that of the smart e-walletsystem described above. Generally, the electronic card interactivesystem can involve some checks locally at the client PC or remotely atthe authenticating server.

For the local check, when the user presses the switch in his electroniccard, the PC processes the signal and checks for electronic cardtransmission validity. If the structure of the signal detected by thePC's microphone and sound system is similar to that of the electroniccard's signal, then the signal is presumed to be valid. Thereafter, thePC checks for electronic card transaction validity. Here, the PC merelychecks whether the counter value in the signal transmitted by theelectronic card is greater than the counter value last stored by the PC.If the transmitted counter value is indeed greater than the countervalue stored in the PC, then the card transaction is presumed to bevalid. In another embodiment, the counter check will occur at theauthentication server, instead of at the local client PC. So far, thechecks have only been made locally at the client PC. The remotelylocated authentication server will also perform checks of its own.

To perform the remote check, an authentication server includes adatabase, decryption facilities, and authentication logic. Refer to FIG.32. The authentication process begins at step 320. The database includesthe user names, DES3 keys, and other secure information (e.g., password,credit card number, expiration date, group ID, counter value, individualID). Once the electronic card transmission passes the local clientchecks, the data from the electronic card transmission is delivered tothe authentication server as an authentication request at step 321.

The data stream in the electronic card's transmission, which is includedin the authentication request, includes an encrypted portion and anunencrypted portion. The encrypted portion includes the DES3 key, groupID, and counter value. The unencrypted portion includes the individualID. The authentication server takes the unencrypted individual ID andchecks if a corresponding user is associated with that individual ID atstep 322. If so, the authentication server decrypts the encryptedportion of the data stream at step 323. If not, the authenticationserver returns a security error message or a message otherwiseindicating that access is denied at step 327 before ending at step 328.

At step 324, the authentication server checks if the group ID in thedecrypted portion of the authentication request corresponds to theindividual ID just verified. If that check is passed, the authenticationserver checks if the counter value in the authentication request isgreater than the stored counter value at step 325. If not, access isdenied at step 327. If the counter value in the authentication requestis greater, then the authentication has been successful. The new countervalue is then stored in the database associated with this user. Thiscounter value check at the authentication server is in contrast toanother embodiment where the counter value check occurs at the localclient PC, as described above. Once the user has been authenticated, theauthentication server returns a confirmation that indicates thatauthentication has been successful at step 326. This authenticationprocess ends at step 328.

Once authenticated, the user is free to shop, purchase, and otherwisebrowse on the web. For e-wallet applications, the smart e-walletapplication facilitates the form filling function in finalizing salestransactions. Smart e-wallet applications are provided above in thesmart e-wallet system section. For other applications, theauthentication process merely allows a user to access and other wisecomplete the sales transaction after pressing the TX switch on theelectronic card. For example, once a user has shopped and selected anitem to purchase from a website, the website delivers a purchase form tofill out. The user does so. However, instead of the credit card number,the user is asked to take out his electronic card and press the button.The user does so. When both the user's PC and the remote authenticationserver has authenticated the card transmission, the website will eitherreturn a web page that states “Thank you for your order. Your ordernumber is 1234ABC” where the return confirmation message from theauthentication server also finalized the sales (by emulating the“submit” button on the web page). Alternatively, a message is displayedindicating that the authentication process has been successful. The userthen proceeds to submit the form manually and complete the salestransaction in the conventional manner.

This authentication model can be implemented in several different ways.The authentication server can be located or otherwise maintained andoperated by several entities: (1) third party (e.g., private securitybased company, bank, or credit card organization), (2) merchant or webportal, or (3) ISP. These implementation strategies will now bediscussed.

For the merchants, a convenient implementation strategy would involvesome third party such as the hypothetical company RST Corporation whichdedicates one or more authentication servers for various merchants. Thethird party could also be a bank (normally the issuer bank) or thecredit card organization. Thus, the disruption to the merchants' websystem would be minimized. Customers merely access RST's website toshop. When these customers have selected some merchandise to purchase,they merely take them to the checkout line on the website. Although thesales procedure varies from merchant to merchant, invariably thecustomers get to a web page where they have to provide some personaldetails such as name, shipping address, and credit card number.

At this point, the customer is asked to take out his electronic card andpress the button. When he does so, his PC handles the localauthentication as described above. When he passes the localauthentication checks, an authentication request is delivered to the IPaddress associated with the third party's authentication serverlocation. Here, the third party's authentication server handles theauthentication of this user. If authentication fails, access is deniedand the merchant's server is notified in real-time of this condition.The merchant would then refuse this particular user's purchase requestbecause, for various reasons, this user's account is delinquent, theaccount does not exist, the transaction is not valid because the countervalue is not valid (perhaps the user was using a recording of anotherperson's card transmission), the group ID is not valid, or the serialnumber (individual ID) is not valid. Alternatively, the merchant wouldassist the user in setting up an account.

If, however, the authentication server returns a confirmation to themerchant's server in real-time, the merchant's server would then allowthe user to manually continue with the purchase process since themerchant deems this user to be present and in good standing.Alternatively, the confirmation from the authentication server to themerchant's server may also trigger the automatic completion of the salestransaction. The authentication request associated with the userpressing the switch on his electronic card essentially emulates the“submit” button that would normally be present in these sales forms.

This implementation strategy represents an advantage over the currenton-line transactions because the merchants would receive transactionconfirmation from a trusted source. This trusted source is the thirdparty which not only confirms card presence during the salestransaction, but also checks various aspects of the account—from accountdelinquency to non-existence of the account. The frequent contactbetween the third party and the merchant and the added fraud-protectionover conventional “card-not-present” transactions strengthen therelationship between the third party and the web merchant. If the thirdparty is the issuer bank, the relationship between the web merchant andthe bank would improve. For example, a credit card issuer of electroniccards under the present invention could offer to assume the risk ofthose “card-not-present” transactions only to merchants participating inthe issuer's e-wallet, or e-commerce portal service. The effect would beraising the interaction with cardholders and transaction volume, withouttaking on real fraud risk, since the present invention provides adequateassurance that a transaction is, in actual fact, card-present.

For the second implementation strategy, the merchant and/or web portalsthemselves operate the authentication server independent of any thirdparty. In this case, the database it maintains only keeps track of itsown members. However, this implementation strategy may be lessattractive to merchants who are more concerned with improving andmaintaining their own content, instead of maintaining and operating anauthentication server. However, it is a viable strategy for thosemerchants with the resources to support this separate server.

For the third implementation strategy, an ISP maintains and operates theauthentication server. If only a few ISPs participate in this venture,only those subscribers in a region serviced by that ISP can benefit fromthe electronic card interactive system. To gain universal acceptance,many ISPs located throughout the world must participate in this venturebecause web merchants are located across the web. However, it ispossible to have the ISP authenticate the user when the user launchesthe browser. Upon accessing the ISP, the user will be asked to press theelectronic card switch for authentication. Alternatively, the user willbe asked to press the electronic card switch to launch the browserfollowed by other functionality in a manner similar to the smarte-wallet system described above. Thereafter, the smart e-walletapplication will fill out any form for the user when he is about topurchase an item from a web merchant.

Ideally, the payment card associations (Visa, Mastercard, AmericanExpress, Discover, etc.) would agree that transactions effected by cardsunder the present invention were actually considered “card present,” andhonored to the same extent as any other card-present transactions. Butalso note that under any of these schemes for online authentication,those payment card associations need not make any change to their owntransaction processing systems in order for merchants under the currentinvention to enjoy the benefit of card-present transactions. In theprior art, the payment card associations' systems are equipped toidentify in real time whether a transaction is card-present (in store)or card-not-present (via phone or Internet.) Under the currentinvention, a merchant could be provided with evidence for its recordsthat a transaction was effected not by manual entry of a card number,but by an actual transmission from a physical card. If a cardholder doesnot report a card lost or stolen, and then later attempts to repudiatethe transaction, the merchant would have in his records good evidencethat the transaction was genuine.

5.3.3 Off-Line Authentication

In accordance with another embodiment of the present invention, off-lineauthentication works in a manner similar to that of the smart e-walletsystem and the on-line authentication described above. The differencewith the off-line authentication is that confirmation is not provided tothe merchant in real-time.

In one embodiment, the confirmation would be sent to the merchants viaemail or through some other non-real-time means. In this way, themerchant and the customer could deal with each other in the conventionalmanner without waiting for the third party authentication server tocomplete the authentication check. But, before the merchant ships themerchandise or provides the service to the customer, the merchant wouldcheck to make sure the confirmation has been received. If theconfirmation has been received, that sales transaction has been approvedby the authenticating third party. If the confirmation has not beenreceived, the merchant would hold shipment of the merchandise orotherwise refuse to provide the requested service. The third party couldalso keep the confirmation (or lack of confirmation) report for eachsales transaction for future reference without affecting shipment orproviding the service.

Like the real-time confirmation example described above, this embodimentrepresents an advantage over the current on-line transactions becausethe merchants would receive transaction confirmation from a trustedsource, albeit in non-real-time fashion. This trusted source is thethird party which not only confirms card presence during the salestransaction, but also checks various aspects of the account—from accountdelinquency to non-existence of the account. The frequent contactbetween the third party and the merchant and the added fraud-protectionover conventional “card-not-present” transactions strengthen therelationship between the third party and the web merchant. If the thirdparty is the issuer bank, the relationship between the web merchant andthe bank would improve. No major changes are required for the merchant'sweb site and the web server for the non-real-time authentication.

In another embodiment, the authentication server can assist thosemerchants who, for various reasons, do not want to make any changes tohis system. The merchant may not even want to do the simple act ofturning on the authentication flag in his server. Perhaps the merchantdoes not even want to perform any authentication. How do you provideauthentication services to these merchants?

In this embodiment, the authentication server would place theconfirmation number in a form field that is normally not used in most,if not all, of the purchase forms that websites require customers tofill out to place an order. In this embodiment, the ADDRESS LINE #2would be used. This field is hardly, if ever, used by customers. Inother webpages, a NOTES field is provided. The sequence of operationsare as follows:

When the customer has selected an item to purchase on the web, he goesto the checkout line and encounters a form. He must fill out this formto place the order with the web merchant. In most of these forms is afield that is typically called “ADDRESS LINE #2.” With the smarte-wallet application or other special client software that is designedfor use with the electronic card, the customer takes out his electroniccard and presses the button. The electronic card then transmits its datato the PC via the PC microphone. The client software delivers this datato a third party authentication server which performs the authenticationin a manner described above. The authentication server then sends atransaction confirmation number back to the customer's PC clientsoftware, which fills in the ADDRESS LINE #2 field with this transactionconfirmation number in the merchant's purchase order form page.

In one embodiment, the transaction confirmation number is merely arandomly generated number. In another embodiment, the transactionconfirmation number is actually a digital signature of the order numberand a public key. A digital signature is used to authenticate theidentity of the sender (i.e., the third party authentication server) orthe signer of the document. The use of the digital signature ensuresthat the signed document cannot be easily repudiated, cannot be imitatedby someone else, and can be easily time-stamped.

A special merchant software can process all the purchase forms andassociate customers with successful or unsuccessful authenticationresults. Thus, after completing the sales transaction, the third partyauthentication server places the transaction confirmation number on thepurchase order form via the special client software located in thecustomer's PC. When the customer finalizes the sales, the purchase orderform is submitted to the merchant. At the end of the day, the merchanthas electronic versions of all the purchase order forms that have beenfilled out by customers as they purchased the merchant's products orservices.

The special merchant software would process all the purchase order formsand decipher the transaction confirmation number provided on the ADDRESSLINE #2 field off-line. The special merchant software would thengenerate a report that indicates the success or failure of theauthentication for each customer. The nature of the transactionconfirmation number would provide this indication. The merchant can usethis report to hold the shipment of the item purchased. Of course, themerchant would check with the customer to inquire why the authenticationfailed and may even assist the customer in repairing the situation ifthe situation is reparable (e.g., insufficient credit limit, expiredelectronic card).

This embodiment of using the ADDRESS LINE #2 field represents anadvantage over current on-line transactions because it providesmerchants a transaction confirmation number from a trusted source. Thistransaction confirmation number indicates that the customer had theelectronic card associated with a particular customer's credit cardaccount present when he made the web purchase. Merchants can use thistransaction confirmation number to validate the customer in real-time,if necessary, or any time thereafter. This information provides theproof necessary to counter later repudiations. This method prevents suchfraud techniques as credit card number generators or stolen credit cardnumbers since the actual credit card number is not delivered over theInternet. Also, no changes are required in the merchant's web page orserver.

In accordance with another embodiment of the present invention, someadditional information is provided in the credit-card field inconjunction with the standard credit card number for authenticationpurposes. For example, a one-way card with an e-wallet software isprovided. Whenever the user makes a purchase, he presses the button onthe electronic card. With the button press, the card calculates the nextnumber in a series, and sends it to the PC. The PC turns on the e-walletengine and fills the address and credit card fields. However, instead offilling the regular credit card number, it fills a special code.

An exemplary code is designed as follows: 4 constant digits to designatethe card number as a special kind, 6 digits for the card ID, and 6digits of the card-sponsoring company's ID, and 6 digits from thepseudo-random series generated by the card (based on the counter value).

The merchant receives the card number and sends it through some channelto the acquirer bank as is typically done today. When the acquirer banksees the special 4 first digits, he queries the server to checks whetherthe last 6 digits are valid according to the counter value. If twoidentical codes are received (same counter value), then a theft or somefraud has occurred, or if the code received is too old, then there wasan attempt for theft. The server is located at the issuer bank andinstead of listening for one credit number per user as is normally done,it listens for a unique credit card number per transaction.

5.3.4 Password Generator

For this application, the electronic card and the PC client software areused to generate an ever-changing password to the user to access a webpage. The electronic card contains a display for presenting the passwordto the user. The user then manually enters the newly generated passwordwith the keyboard to enter the web page.

In this embodiment, the password generator includes the electronic cardwith a display, the special client software, the web browser, and theserver that performs the authentication. Typically, the user browses theweb and attempts to access a web page that he may or may not have anaccount with. If he has an account with this web page, he also has theelectronic card provided to him by this merchant or some othersponsoring company that work. For various reasons, the access is limitedto those users with open accounts and the electronic card. When the userrequests access to this web page, the web page informs him that accessis limited to members in good standing.

The web page asks the user to start the authentication process and whendone, to enter the newly generated password before submitting theauthentication form back to the website. The user enters his name (orID) and perhaps a password. The server associated with this web pagethen sends an encrypted number to the user's PC via the web browser.This number is also accessible by the special client software. Inanother embodiment, the number is not encrypted. The special clientsoftware in the PC sends this number to the user via the PC speakers.This number can be based on the counter value or a randomly generatednumber. The counter value can be accessible by the server because theaccount database includes the counter value for this particular user.

The electronic card detects the encrypted number, decrypts it with itsprivate key, and generates a password. This password is then presentedon the electronic card's display. Concurrently, the web site server hasalso generated a password since the password-generating functionality isanalogous in both the electronic card and the server. At this point, theuser enters the password with the computer keyboard into theauthentication form on the web page and submits it. When the serverreceives this password, it compares this received password to thepassword it generated internally. If a match exists, the user is allowedto access the web page. If a match does not exist, the user is deniedaccess to the web page.

This approach provides several advantages over the conventionalpassword-related approaches. Because the password is different for eachtransaction, the system is more secure. The user need not remember thepassword and even if one password was stolen somehow, that thief couldnot use it for another transaction. Also, the password does not exist inthe electronic card, the PC, and the authenticating server for a longperiod of time. The password exists in the electronic card and theserver for a short period of time. In the electronic card, the passwordis saved in RAM so when the electronic card powers down, the password isforever gone. In the server, the password exists for a short time (e.g.,5 minutes) that is just long enough for the user to log in successfully.Thereafter, the server discards the password immediately. In thisconfiguration, the PC need not have a microphone since the user is notusing the electronic card to directly transmit any data to the PC (orserver). On a related note, the special client software does not needany special digital signal processing section to process any receivedsignals since the electronic card will not be transmitting any signalsto the PC.

5.3.5 Challenge-Response

In another embodiment of the present invention, the merchant and usercan employ challenge-response techniques to verify to each other'strustworthiness. Usually, one of the parties verifies that the other isindeed the party it claims to be for a given transaction. In some cases,however, both parties may want to verify each other for a giventransaction.

In either case, digital certificates can be used. As known to thoseskilled in the art, a digital certificate is similar to an electronic“credit card” that establishes the certificate user's credentials whendoing business or other transactions on the web. It is normally issuedby a certification authority. The digital certificate contains theuser's name, serial number, expiration dates, a copy of the certificateholder's public key, and the digital signature of thecertificate-issuing authority so that the recipient of the digitalcertificate can verify that the certificate is indeed authentic andreal. Some digital certificates conform to the X.509 standard.

FIG. 33 shows the sequence of steps of actions taken by the electroniccard and the merchant in the case where the customer wants to verify themerchant. Initially, the merchant sends a digital certificate over theweb to the customer. The digital certificate contains the date ofexpiration, name of merchant, signature of the certification authority(e.g., Verisign), and the merchant's public key. The customer's PCreceives the digital certificate and in turn, transmits the digitalcertificate to the customer's electronic card. The electronic cardcontains standard logic and programming to perform a check to make surethe digital certificate is valid. In one embodiment, the electronic cardchecks to make sure that the digital certificate is signed by thecertification authority and contains no errors. By verifying that thedigital certificate is properly signed by the certification authority,the customer is making sure that no one is faking the information in thecertificate.

At this point, the customer has the public key of the merchant. Thecustomer can verify the merchant by sending a challenge and then testingthe response to the challenge. The electronic card generates a randomnumber. The customer transmits the random number to the PC. The PC thensends the random number to the merchant. The merchant signs the randomnumber with the merchant's private key and sends the signed randomnumber back to the customer's PC. The PC receives the signed randomnumber and sends it to the electronic card. The electronic card checksthe signed random number with the merchant's public key, which itobtained earlier. If the proper random number is recovered, then themerchant is presumed to indeed be the merchant it claims to be. Thecustomer can now trust the merchant. Alternatively, instead of thecustomer sending a random number, the customer can send a digitalcertificate, which contains the ID and a public key. This certificate issent by way of the certification authority.

Note that in this example, the party on the other side of thetransaction knows the public key that matches the private key. Thecertification authority ensures that this public key belongs themerchant when the digital certificate has been delivered to thecustomer. To indicate a successful verification, the electronic cardcontains logic to sound an audible alert such as a ringing bell. If theverification is not successful, the electronic card can sound adifferent audible alert such as a buzzer.

In an alternative embodiment, the electronic card is not involved inthis process. Rather, the PC performs all the steps that the electroniccard is programmed to perform as shown in FIG. 33.

FIG. 34 shows the sequence of steps of actions taken by the electroniccard and the merchant in the case where the merchant wants to verify thecustomer. For this case where the merchant needs to check the customer'sidentity to determine whether it can trust the merchant, a similarprocedure is provided in the opposite direction. The customer'selectronic card sends the card ID number (i.e., individual ID or serialnumber), the customer's public key, and a digital certificate. The PCreceives this transmission and sends the card ID, the customer's publickey, and the digital certificate to the merchant.

When the merchant receives the card ID, the customer's public key, andthe digital certificate, it checks to make sure that it is a goodsignature from the certification authority. This provides the merchantwith the assurance that no one is faking the card ID and public key.

The merchant then sends a random number to the PC, which retransmits itto the electronic card. The electronic card signs the random number withits private key and sends the signed random number back to the PC. ThePC then sends the signed random number back to the merchant. Themerchant receives the signed random number and checks it with thecustomer's public key. If the check is proper, the merchant can beassured that it is dealing with the electronic card that it purports tobe. The merchant can trust the electronic card.

FIG. 35 shows the sequence of steps of actions taken by the electroniccard and the merchant in the case where they want to verify each other.In this embodiment, both the customer and the merchant check each othersubstantially concurrently. The electronic card sends a first set ofdata including the digital certificate, the card ID, the customer'spublic key, and a challenge (e.g., random number) to the PC. The PCretransmits the first set of data over the web to the merchant.

The merchant receives this first set of data and signs the challengewith the merchant's private key. The merchant then sends a second set ofdata which includes its own challenge, the response to the customer'schallenge, and the digital certificate which contains the merchant'spublic key (among other data as described above). The customer's PCreceives this second set of data and retransmits it to the electroniccard.

The electronic card checks the digital certificate to make sure it wassigned by the proper certification authority and the response to thecustomer's challenge (i.e., the random number originally sent by thecustomer and subsequently signed by the merchant with the merchant'sprivate key). The customer checks the response with the public key thatwas just sent by the merchant as part of the digital certificate. If theresponse is proper, then the customer can trust the merchant. Theelectronic card then signs the merchant's challenge with the customer'sprivate key and sends the response back to the merchant. In analternative embodiment, the electronic card is not involved in this stepof the process. In other words, the PC checks the merchant's digitalcertificate and the response to the customer's challenge with themerchant's public key.

The merchant then receives the customer's response to its challenge. Themerchant checks the response with the customer's public key that wasdelivered initially. If the check is proper, the merchant can trust thecustomer.

In another embodiment, the electronic card can send back the responsevia conventional telephone systems. Thus, the merchant sends a challengevia the Internet to the customer's PC. The electronic card receives thechallenge via the PC. The electronic card calculates the digitalsignature to sign the challenge and sends the response back via theconventional land-line telephone or cellular telephone system. In thisembodiment, the acoustic signal is in the audible range. The merchantreceives the response and checks it to make sure it is valid.

In another application, the use of the electronic card in chat rooms ormessage boards can prove invaluable in proving the authenticity of theuser. Thus, the user would use the electronic card to log into themessage board or chat room. The server would, of course, verify theidentity of the user based on the electronic card and employing thetechniques described above.

5.3.6 Crypto Service Provider (CSP)

As mentioned numerous times in this patent specification, the electroniccard in accordance with one embodiment of the present invention shouldbe compliant with the existing infrastructure. For Windows-basedsystems, all web browsers and servers support client authentication byusing Public Key Infrastructure (PKI), as known to those skilled in theart. Other exemplary merchant servers that support CSP include Apache,HS, and Netscape Server. To use this authentication method, merchantsneed only turn on the “user authentication” flag within their serversoftware, which requires selecting a button in a set-up menu.

Essentially, PKI allows users to send documents with digitalcertificates to prove that the user is indeed the user. The clientauthentication involves the use of cryptographic API (or crypto API),which provides an API between the various applications that are runningin the user's client computer system (such as Microsoft InternetExplorer, Outlook Express, Word, etc.) and the cryptographic serviceprovider (CSP) module.

As known to those ordinarily skilled in the art, CSP is a block of codedistributed in Dynamic Link Library form that allows programs that areaware of it to connect and use its resources. Generally, CSP resourcesare essentially the hashing and encryption algorithms that it contains.Physically, each Crypto Service Provider (CSP) is a dynamic-link-library(DLL) with an associated cryptographic signature authorizing it for useby the Crypto API. One of the jobs of the CSP is to protect private keyinformation from being exposed. Each CSP provides a differentimplementation of the Crypto API. Some provide stronger cryptographicalgorithms than others. In addition to Microsoft, a number of thirdparty developers have also released their own versions of Crypto ServiceProviders, each with its own unique set of ciphers, data formats andprotocols. Indeed, two different providers may in fact include the samecipher algorithm but it would be incompatible due to different paddingschemes, different key lengths, and different default modes.

Practically speaking, the CSP interacts with the user (and the user'sapplications in his client computer station) to allow the user toperform various security related tasks such as choose disk, givefingerprint (or voice print or biometric data), and the like. Becauseall web browsers and servers support it, the merchants who want a webpresence are also required to support it. Thus, the CSP does notrepresent any change to the existing infrastructure.

In general, the CSP essentially enables the servers to ask the users tosend digital certificates. The CSP in the client sends an unsigneddigital certificate. The server which supports CSP receives the digitalcertificate and sends a random number back to the client to have itdigitally signed. The client receives this random number and signs itwith its private key and sends the signed random number back to theserver. The server receives this signed random number and checks it withthe client's public key for final authentication.

One drawback to this conventional approach is that the private key isheld in the customer's client computer station. Thus, some hacker couldtheoretically break into that client computer station and steal privatekey. In accordance with another embodiment of the present invention, theprivate key is held in a third party CSP server. Referring now to FIG.36, the electronic card sends its data (i.e., individual ID, group ID,etc.) to the PC. Similarly, the web merchant sends a random number(i.e., challenge) to the PC across the web.

The PC, through the CSP module, sends a digital certificate (whichincludes the customer's public key) and the electronic card data to athird party CSP server. This third party CSP server functions as adigital certificate signing facility and holder of private keys of allits members. This CSP server signs the digital certificate, signs therandom number with the customer's private key, and then sends them backto the PC. The CSP server also checks the data sent from the electroniccard for “card presence” issues, which includes checking counter valuesand other parameters as described above in the On-Line Authenticationsection of the patent specification. The PC then delivers the signeddigital certificate and random number to the web merchant who checks thesignature with the customer's public key.

In an alternative embodiment, the digital certificate with thecustomer's public key could be sent directly to the merchant first.Thereafter, the electronic card sends the data and the merchant sendsthe challenge to the PC.

This scheme provides strong customer authentication without installingnew server software. Cardholder privacy is also preserved becausetransaction information is not sent in real time to an Internetauthentication server. With minor configuration changes to the existingsoftware, merchants can confirm that a given electronic card was presentin a particular transaction.

5.4 Plug-in Applications

In accordance with another embodiment of the present invention, thespecial client software 114 (in FIG. 11) and works with one or moreplug-ins in an integrated fashion.

In one embodiment, the plug-ins are all subservient to the masterspecial client software 114 (in FIG. 11). Thus, in addition tocommunicating with the electronic card, the special client software alsomanages the plug-ins. In another embodiment, the plug-ins are dominantover the special client software and can potentially perform moreadvanced and powerful functionality.

As known to those ordinarily skilled in the art, plug-ins or plug-inapplications are supplementary programs to the user's web browser whichassist the web browser to provide dynamic content that the web browseralone could not provide, such as playing sound or video. These so-calledhelper applications run as a separate application and require that asecond window be opened. Plug-ins are easily installed and used with theweb browser. A plug-in application is recognized automatically by thebrowser and its function is integrated into the main HTML file that isbeing presented. Exemplary popular plug-ins are Adobe's Acrobat, adocument presentation and navigation program that lets user's viewdocuments just as they look in the print medium; RealNetworks' RealVideoor RealAudio streaming media players, and Macromedia's Shockwave forDirector, an interactive animation and sound player. Hundreds ofplug-ins are available for download/install on the web or install viaCD-ROM.

5.4.1 Plug-in Subservient

In this embodiment, the special client software 114 (in FIG. 11)functions as the master or manager of the various plug-ins that areassociated with the electronic card. These plug-ins are bidirectionallycoupled to the special client software via the API layer. The specialclient software generally functions as described above—DSP forcommunicating with the electronic card, initialization, interaction withthe web browser, interaction with the PC's sound system, etc.Additionally, the special client software basically provides the frontend interface to the user and manages/launches the plug-ins when needed.

The plug-ins are generally sponsored by and/or written by variousservice providers, web merchants, or any company for that matter. Bydefinition, these plug-ins are other software applications in the PCthat are called into service whenever the web browser, or in this case,the special client software needs them. Because these plug-ins aremerely subservient support applications, their functions are controlledor otherwise limited by the special client software.

As the manager of the plug-ins, the main special client software keepstrack of the group ID. As described above, the group ID is essentiallythe identifying number or code that represents the sponsoring entity,whether it is an individual, a company, or some other organization. Forexample, XYZ Corporation may sponsor a set of the electronic cards inaccordance with the present invention to promote their website andproduct lines. They distributed the electronic cards to members andpotential members so that they could use them to purchase products,request sales information, earn incentive points, obtain coupons andother discounts, and otherwise receive updated news about the company.Thus, XYZ Corporation is assigned a unique group ID that are provided intheir electronic cards. Electronic cards sponsored by other companieswill have their own respective companies' group ID. Theoretically, auser could have many different electronic cards just like some usershave many different credit cards.

So, when the electronic card associated with a particular web merchanttransmits some data to the PC, the special client software performs theDSP functionality to recover the data and checks the group ID. Based onthe group ID, the special client software looks for the appropriateplug-in and enables its functionality. If the plug-in is outdated, thespecial client software will access a newer version of the plug-in overthe web, download it, and install it. This may be done with or withoutthe assistance of the user.

The special client software is equipped with additional functionality,because it is more than just a switch that routes the electronic carddata to the proper plug-in based on the group ID. Assume that thespecial client software is sponsored by a particular bank, let's say theuser's Visa issuing bank. This special client software associated canupdate and keep user passwords and IDs, check the user's credit card ifit is delinquent, keep track of the number of times the user accessesthe web, assist the user in navigating to the bank's home web page,assist the user in updating plug-ins, provide special offers to memberusers, scan other financial or other software in the PC and offerupdates, retrieve email for the user, and numerous other functionsrelated to the user's web experience with his bank. If a plug-in isnecessary to view/hear content in a certain way, then the subservientplug-ins will be appropriately launched and enabled.

The kinds of functionality that can be supported by the plug-ins arelimitless. Returning to the above example where the special clientsoftware is sponsored by the user's bank, the special client softwaremay deliver the user to the bank's home page where, based on the contentand various functionality programmed in that home page, the variousplug-ins provide support, such as interactive buttons, sound effects,playing video, playing animation, and the like that are embedded on thatweb page. For example, a plug-in that provides the user with aninteractive calculator to automatically calculate various aspects of hisaccount may be provided. Furthermore, the user may be able to play areal-time video from the security camera at this bank with anotherplug-in. Another plug-in allows the user to send an email or message tovarious bank personnel to address questions concerning his account. Ifthe user wanted to view one of his checks that did not clear, a documentviewer plug-in is provided to assist the user in viewing that check.

Continuing with this example, another plug-in provides a message to theuser via email whenever his account balance has reached certainthresholds (i.e., low threshold that incurs a charge) so that the usercan take appropriate action. If the balance is too low, the user canquickly make a deposit or some other adjustments to his account so thathe will not incur that penalty charge. Similarly, the user can have aplug-in that sends the user an email whenever anyone withdraws ordeposits a certain threshold amount of money. These email or messagingplug-ins operate by automatically contacting the bank's web server,accessing the user's account, checking the account activity since thatlast time the plug-in logged in, and notifying the user of the activity(if any). The plug-in could send an email to the user's email address,or alternatively, display a message on the user's PC desktop in a mannersimilar to an active desktop.

In another embodiment, the plug-in associated with XYZ Corporationallows users to log into XYZ's website. In other words, the user takesout his XYZ Corporation electronic card and presses the TX switch. Theelectronic card transmits the data which includes the group ID and themicrophone in the PC receives it. The data eventually makes its way tothe sound card and then the special client software.

Based on the group ID, the special client software looks for the XYZplug-in in the PC. If the plug-in is not available in the PC, thespecial client software accesses XYZ's website to download and installthe latest plug-in. In the alternative, the special client software asksthe user to download and install the XYZ plug-in. If the plug-in isdetected, the special client software launches the plug-in, which thenlaunches the web browser (if it has not been launched already). If theweb browser has been launched, the plug-in navigates to XYZ's home webpage. In another embodiment, if the web browser is already launched, theplug-in opens another window to navigate to XYZ's home web page.

At this point, the user is free to navigate anywhere on XYZ's website,or anywhere else for that matter. Note that the plug-in enabled the userto automatically log into the electronic card sponsor's (i.e., XYZCorporation) website by the mere press of the switch on the electroniccard. The master special client software steered the data to the plug-inassociated with the group ID.

Another exemplary plug-in allows the user to log into a specialmembers-only web page of the sponsoring web merchant/portal to obtaincoupons, discounts, special offers, and other promotional items. Thus,if RST Corporation sponsored a particular electronic card anddistributed the electronic cards to its members, the user of thatelectronic card could also log into a particular web page with the pressof a button in the electronic card. On this web page are variouspromotional offers, discounts, and the like, which are available only tomembers of RST Corporation's website. The plug-in not only allowedmember users to log into this special site but provided functionalitythat are optimized to view/hear certain information on this web page.Various interactive functionality on this web page are also madepossible with the plug-in.

Another exemplary plug-in interacts with an electronic card thatfunctions as a “voucher” or credit-limited card. The electronic card isthen generic to multiple or many different web merchants. As users tryto purchase merchandise with web merchant(s) that support this “voucher”electronic card, the plug-in checks the purchase to make sure that theuser does not exceed his credit limit. Appropriate logic is provided inthe plug-in to interact with the web browser to obtain the purchaseprice of an item so that the proper credit limit check can be performedby the plug-in. If multiple web merchants support this electronic card,this generic plug-in can have different credit limits for each webmerchant. If a credit limit is exceeded for a particular purchase, theuser is notified with some dialog box and the purchase is otherwisecancelled. Thus, as the user navigates the web and attempts to makepurchases, the plug-in checks each purchase to make sure the user is notexceeding the credit limit in his “voucher” electronic card.

If the electronic card is a multi-vendor card, the special clientsoftware determines which web page the user navigates to first in thissubservient plug-in embodiment. If, however, the plug-in is dominant asdescribed below, the plug-in itself determines which web page tonavigate to first. This may create some conflict between or amongcompeting dominant plug-ins.

5.4.2 Plug-in Dominant

In this embodiment, the plug-in is dominant over the special clientsoftware. In fact, the special client software merely provides the DSPfunctionality and checks the group ID to deliver the electroniccard-transmitted data to the appropriate plug-in corresponding to thegroup ID. Beyond this, the special client software relies on theplug-ins for additional support.

In one embodiment, the dominant plug-in can be an application that isplaced in the tray with an icon and is running concurrently. Thedominant plug-in serves as the front end interface to the user. Withthis front end, the merchant associated with this plug-in can placeadvertisement, promotions, special offers, and other items that promotethis web merchant's business. By being dominant over the special clientsoftware, the web merchant sponsoring the plug-in can write more codefor the plug-in to provide more functionality. Indeed, the plug-in couldbe designed to operate with not only the electronic card describedherein but other technologies as well, such as bar code readers.

Generally, the user takes out his XYZ Company's electronic card andpresses the button. This data transmission results in the special clientsoftware detecting the group ID and enabling the XYZ plug-in to belaunched. The XYZ plug-in now takes over, instead of the subservientplug-in embodiments where the plug-ins serve a more supportingsupplementary role to the special client software.

Once again, the plug-in can provide various functionality such asmessaging service associated with XYZ's website, delinquency informationof the user's credit card, and provide ads and other sales information.Essentially, the exemplary functionality described above for thesubservient plug-in are applicable for the dominant plug-in except thatthe front end is designed around the dominant plug-in. The specialclient software merely assists the dominant plug-in perform its tasks,i.e., by routing the electronic card transmitted data to the properplug-in based on the group ID.

For both the plug-in dominant and plug-in subservient embodiments, theinvention increases and enhances customer loyalty through electronicmedium. By merely pressing the electronic card button, the web browserwould open to a particular web page, whether it is the home web page ofthe company sponsoring the electronic card or the special clientsoftware. By going to this web page over and over again with the simpleact of pressing the button on the electronic card, the user becomes moreand more exposed to that web page's messages/ads/promotions. To increasethe user's loyalty to this web page, the merchant sponsoring theelectronic card can offer incentive points to users for every visit totheir web page using the electronic card. The plug-in can appropriatelyinform the web page whether the user accessed the web page throughnormal web browsing means or through the electronic card. Thus, even ifthe use had bookmarked various websites in the web browser, the loyaltyprogram sponsored by this web merchant to promote the use of theirelectronic card will increase customer loyalty.

Additionally, the plug-in can navigate the user to the user'spersonalized web page on the web merchant's website or a particularcommunity/interest group message board whenever the user uses theelectronic card. In this way, targeted advertising, sales offers,discounts, and other coupons can be tailored to the user's specificinterests/needs based on his past purchase decisions or the pastpurchase decisions of those group of people who are like the user (basedon some statistical profiling scheme). Specific functionality needed bywebsite can be provided by the plug-ins (e.g., playing sports gameinstant replay video/animation file for other community members to see).

5.5 Points/Cash Purchasing Mechanism

One embodiment of the present invention provides for a remote purchasingmechanism that involves the interaction of a consumer, a card issuer,and a web-based merchant. At the consumer end, an electronic card (orelectronic card) and a client computer system are used. In the clientcomputer system, a special client remote access software in accordancewith one embodiment of the present invention is installed and running.In addition, a standard microphone, speaker(s), and a web browser areutilized. At the card issuer end, a card issuer server is provided tohandle the consumer's account and authentication needs. At the merchantend, a merchant server or a server hosting the merchant's website isprovided.

As a starting point for discussing one embodiment of the presentinvention, refer to FIG. 45. A consumer, who also has a membership witha card issuer 452 (to be explained further below), is equipped with aclient computer system 451. The client computer system 451 has, amongother things, a web browser which the consumer uses the surf the web andmake purchases at various web-based stores. The web surfacing occurs onchannel 457 with respect to this particular merchant server 453, whichprovides the product that the consumer wishes to purchase. When theconsumer encounters a product that he wishes to purchase, he ultimatelygoes to the electronic checkout line of that particular web-based store.Normally, the web-based store, via merchant server 453, requires him tocomplete a form which asks for his name, shipping address, billingaddress, credit card number, expiration date of his credit card, andother personal information. Instead of manually filling out the form asusual, the consumer can use the secure purchasing mechanism inaccordance with one embodiment of the present invention.

At the outset, the consumer is equipped with an electronic card 450 (orelectronic card 450). The client computer system is a standard personalcomputer with a monitor operating on a Windows-based or Apple-basedoperating system. The electronic card 450 interacts with the clientcomputer system 451 via medium 454. This interaction occurs to transferthe consumer's digital identification (ID) from the electronic card 450to the client computer system to effectuate some transaction that is ofinterest to the consumer. The digital ID may be encrypted first in theelectronic card and then transmitted to the client computer system 451.

After receiving the encrypted digital ID from the electronic card 450,the client computer system 451 opens another channel 455 to the cardissuer server 452 which resides on the Internet and delivers theencrypted digital ID. The client computer system 451 may also send theURL of the merchant server in the same request or in a subsequentrequest. It accomplishes this using standard Internet accessing schemesby sending a request to the Internet with the uniform resource locator(URL) associated with the card issuer server 452. The card issuer server452 is typically maintained and operated by a company that providesmembership to Internet users and keeps member accounts of variousselected currency. Thus, one card issuer may elect to provide frequentflyer miles to its members and allow its members to conduct salestransactions using the frequent flyer miles. Another card issuer mayelect to provide incentive points to its members. Still another cardissuer may elect to provide jelly beans as a form of currency to itsmembers. Moreover, a card issuer may issue all these forms of currency.Whatever the currency, the card issuer company establishes and maintainsan account database of its members. This account database includes name,shipping address, billing address, credit card number, expiration date,and digital ID. Of course, other information on the account holder mayalso be provided as necessary. The digital ID in the account isassociated with the digital ID of the member/consumer that is programmedinto the electronic card 450.

In addition to allowing the consumer to select the currency of hischoice (that is also accepted by the card issuer), the card issuer alsoallows the consumer to allocate the amounts in that currency (and othercurrency) in any way that he desires for the purchase at hand. Forexample, assume that a book on a book merchant website costs $25. Theconsumer wants to buy that book but he wants to pay half in cash and theother half in accumulated incentive points at the current exchange rate.The card issuer server sends the credit card information to the merchantand subtracts (or credits) the appropriate number of incentive pointsfrom (or to) his account based on that day's exchange rate.

Having received the encrypted digital ID from the client computer system451, the card issuer server 452 decrypts the digital ID, authenticatesit, and references the account database to ensure that the digital IDcorresponds to a valid member. In accordance with one embodiment, thecard issuer server then opens up another channel 456 in the Internet andsends the credit card information of the member to the merchant server453. The merchant server 453 processes the credit card information tofinalize the sale and sends back a confirmation web page (whichindicates that the sale is complete and typically provides a salesconfirmation number) to the card issuer server 452. The card issuerserver 452 then forwards the confirmation web page back to the clientcomputer system 451. Alternatively, the merchant server 453 sends theconfirmation page directly back to the consumer at the client computersystem 451 via channel 457 without going through the card issuer server452.

In another embodiment, the card issuer server 452 sends a confirmationback to client computer system 451 via channel 455 indicating that thedigital ID is valid. The confirmation data may also include instructionsand member profile data to the client computer system 451 to fill outthe merchant's purchasing form. In another embodiment, the memberprofile data is stored in the electronic card itself so that noadditional member profile data need to be sent back to the clientcomputer system from the card issuer server. Having been instructed tocomplete the form, the client computer system 451 completes themerchant's form in the web browser in automated fashion. The consumerthen sends the completed form directly to the merchant server viachannel 457. The sale is finalized in the conventional manner. In thiscase, the card issuer server 452 merely authenticates the consumer anddelivers the confirmation back to the client computer system 451.

When the confirmation and instructions data are sent back to the clientcomputer system, the special client remote access software in the clientcomputer system opens up a second window (in addition to the windowassociated with the web browser). This second window provides theindication to the user of the confirmation. This second window alsoprovides the user with the opportunity to select the desired currencyfor the sales transaction and specify the allocation (e.g., 40% cash and60% incentive points for that particular purchase). When the userspecifies the currency and the allocation, the information is sent backto the card issuer server, which processes the information by affectingthe appropriate accounts. In one embodiment, the card issuer server thensends the credit card information to the merchant server. In anotherembodiment, the card issuer server sends the credit card informationconcurrently with the confirmation and instruction data, and the userand card issuer server negotiate for the currency and allocation later.

Note that with this secure purchasing mechanism, the card issuer canincrease membership by appealing to the many Internet users who want touse alternate forms of currency to buy goods and services over the web.Additionally, because no special software is needed at the merchantserver end, members can use their desired form of currency with any webmerchant, unlike the past where consumers were limited tobuying/redeeming points at the select few sponsoring merchants. Withincreased membership and usage, the purchasing mechanism of the presentinvention will improve and promote name branding of the card issuer'scard or card issuer's service.

For the user, a purchase can be made with any web merchant with anydesired form of currency (so long as the card issuer supports it).Additionally, because the data transfer from his electronic card to thePC to the merchant (via the card issuer) and back to the user isencrypted throughout the process, additional security is provided.

The special client remote access software performs multiple tasks thatare important to the various embodiments of the present invention.During the initial stages of the user's on-line purchase, the specialclient remote access software processes the sound waves corresponding tothe digital ID that have been emitted by the electronic card 10. Afterhaving been received by the microphone and processed by the sound card,the sound waves are processed further. The special client remote accesssoftware checks the encrypted digital ID sound waves to make sure thatthe data is complete and corresponds to the appropriate user'selectronic card 450. After the check is completed, the special clientremote access software opens another Internet channel to send a requestto the card issuer server 452. The special client remote access softwarealso sends the digital ID to the card issuer server 452.

During the next stage of the sales transaction, the card issuer server452 sends back either: (1) a confirmation that the digital ID has beenauthenticated or no confirmation, or (2) a forwarded web page from themerchant server that indicates that the sale has been finalized with theproper confirmation number. In the first case, the confirmation (or noconfirmation) from the card issuer server includes instructions and datafor the special client remote access software to complete the form thatthe merchant server requires for consummating the purchase. The specialclient remote access software then completes the form displayed in theweb browser window without any intervention by the user. Afterautomatically filling out the form, the special client remote accesssoftware is not involved any further in the transaction. The userinteracts with the merchant server directly with his web browser tofinalize the transaction.

In the second case, the card issuer sends the credit card and otherrelevant information to the merchant server. Thereafter, the merchantserver finalizes the sales transaction with the information provided bythe card issuer server and sends back the web page that contains theconfirmation number of the order (and also some indication that the salehas been consummated such as “Thank you for your order. Yourconfirmation number is xyzabc123.”).

In another embodiment, the electronic card is not needed. In otherwords, the user merely enters some digital ID with his keyboard. Thisdigital ID is then encrypted and sent to the card issuer server, whichprocesses this information as described above.

In summary, the various components of the system interact with eachother to facilitate the purchasing process. The electronic cardinteracts with the special client remote access software via the clientcomputer system's microphone to transfer a digital ID. The specialclient remote access software is capable of interacting with thespeaker/microphone drivers in the client computer system fortransferring the digital ID of the consumer, the web browser fortransferring form data, and the card issuer server for authenticationand other purchasing tasks. The card issuer server interacts with thespecial client remote access software for authentication andeffectuating other purchasing tasks and the merchant server fordelivering payment information. The merchant server interacts with theclient web browser for standard web access and the card issuer serverfor transferring payment information.

The benefits to the card issuer are primarily two-fold. First, becausenon-conventional currency are permitted to be used by its members,membership in the card issuer company will grow and be very active insales transactions. Second, the widespread use of the electronic card asa member of the card issuer company will promote name branding of thecard itself.

The benefits to the consumer are also primarily two-fold. First, becausedata is encrypted throughout the entire link of the sales chain (fromelectronic card to PC to merchant and back), the purchasing mechanism ismore secure than today's conventional method. Second, the user can useany desired form of currency (and in any amounts depending on how heallocates the cost) to make a purchase on the web with any web merchant,not just the few sponsoring merchants as he was accustomed to in thepast.

5.6 Bar Code Reader

In another embodiment of the present invention, a portable bar codereader is used to scan bar codes to provide an effective link to the barcode's corresponding website for faster service. A couple of exampleswill be provided to clarify this embodiment.

Assume that a user purchased a merchandise from the store. Thismerchandise offers a $5 rebate if the proof of purchase is returned tothe manufacturer. In this embodiment, the user utilizes a portable barcode reader to scan the bar code of this merchandise instead to storethe bar code in the reader.

The bar code reader can then be taken to the user's PC. After launchingthe web browser, the user takes out the bar code reader and presses theTX switch. The bar code reader then emits the sound which contains thedata corresponding to the bar code. The structure and format of thissound signal is analogous to the sound signal described above in thispatent specification. Part of the data in the bar code is the URL ofmanufacturer's website. The URL may correspond to the customer supportweb page, the technical support web page, or any other web pageassociated with the manufacturer of the merchandise.

When the special client software detects and properly decodes thissignal, it provides the URL information along with any other data in thebar code (e.g., product serial number, model number) to the web browserwhich promptly navigates the user to the web page specified by the URL.Once at this web page, the user can then apply for the rebate byproviding the name and shipping address. The manufacturer can then senda check in the amount of $5 for the rebate. Alternatively, the user canset up an account on this website so that his account can be credited.

As another example, the URL in the bar code can direct the user to aparticular web site to get more information about that product, themanufacturer's other product lines, and other related sales information.The user may also earn coupons and other discounts for simply navigatingto these web pages. The bar code represents a convenient way for theuser to access the relevant web sites.

5.7 Card-to-Card Information Exchange

In another embodiment of the present invention, the electronic card istwo-way card where the receiver is operational and waiting for signalswhen the power is on. In this embodiment, the electronic card containsuser profile information. This user profile information includes name,company, title, email address, telephone number, and special interests(e.g., computer hardware, video graphics, software game developer). Theelectronic cards essentially communicate with each other to: (1)exchange information for storage, and (2) match two users (i.e.,customer and vendor, or vendor and vendor) with similar interests.

In the first scenario, the action taken by the electronic cards isanalogous to the exchange of business cards. To avoid collisions,though, the transmissions should occur at different time periods. As oneuser nears another user, the first user can press the TX switch to sendthe information to the second user. Then, the second user would pressthe TX switch to send his information to the first user. An audiblealert (i.e., beep) would indicate when the transmission is complete (orthe data storage is complete). This embodiment implies a manualoperation.

Another embodiment is pseudo-automatic. When the first user nears asecond user, the two users would each press the TX switch to transmittheir respective contact information to the other. Instead oftransmitting immediately, the two electronic cards would each determinesome random time period. At the expiration of that time period, theelectronic card would then transmit the information. Although both usersmay have pressed the TX switch substantially at the same time, thegeneration and use of the random time period ensures that, more oftenthan not, the two electronic cards would each transmit information atdifferent time periods. Also, circuitry in the electronic card can beprovided such that when one of the electronic card detects a validelectronic card signal from the other electronic card, and thiselectronic card's randomly generated transmission time period has notexpired yet, this electronic card will not transmit the signal as longas it is receiving a valid electronic card signal. Even if the randomlygenerated transmission time period has expired, this electronic cardwill not transmit until all of the other electronic card's signal hasbeen received and processed. Then, this electronic card will transmitits own information.

In both cases, an acknowledgment signal may also be implemented. In thefirst case, the electronic card will retransmit until the otherelectronic card sent an acknowledgment. Then, the second electronic cardwould transmit (and retransmit) until the acknowledgment signal wasreceived by the first electronic card. In the second case, eachelectronic card generates a random time period. At the expiration ofthat time period, the electronic card will transmit the data to theother electronic card. Thus, using the randomly generated time periodsfor the transmissions, each card will continue to retransmit after eachthe expiration of each newly generated random time period until anacknowledgment from the other card is received and processed.

In the second scenario, the electronic card can be used as a means tomatch entities together—whether buyer-seller, vendor-developer, oremployer-potential employee at a job fair. Thus, in one example, apotential buyer goes to a convention. At each booth, the vendor has areader that can receive and process signals that are transmitted by theelectronic card. When the user of the electronic card nears the booth,he presses the TX switch on the electronic card and the reader at thebooth receives and processes the signal. If the company at this boothsells a product or is otherwise in a field that is related to theelectronic card user's field or special interest, then the reader wouldindicate a match. The reader would send a match acknowledgment signal ora no-match acknowledgment signal to the electronic card. The electroniccard would provide an audible alert that corresponds to the match orno-match acknowledgment signal, e.g., beep for match and buzz forno-match.

In all the scenarios above, the user can take his electronic card to hisPC and later download the data therein. Either pressing another buttonor the same button in download mode (e.g., press twice in rapidsuccession) will cause the electronic card to transmit the data to thePC. The special client software could then process the data and storethem in some usable format. Thereafter, the user could transfer thestored data in whatever application (e.g., Palm Pilot organizer) hedesires.

5.8 Webpage-Dependent Activation

With thousands and thousands of webpages on the web, not every websitewill support the communications protocol of the present invention; thatis, not all webpages are designed to listen for the electronic cardtransmission to perform some function or play an audio file thatcontains some data in a format that the electronic card of the presentinvention can understand. However, some websites support thecommunications protocol.

The user, however, is unaware of which website supports thecommunications protocol of the present invention as he navigates fromone website to another. Two solutions to this problem are offered—(1)webpage provides indication, and (2) client station provides indication.

In the first solution, the website itself will indicate that it supportsthe communications protocol and thus, the user will be able to takeadvantage of the electronic card's many benefits. A simple brand logo ofeither the card's sponsor or the card's manufacturer can be thisindication. In other cases, a more lengthy explanation will be providedon the website—something of the form “This website supports the XYZacoustic card. Please do not press the button on your XYZ acoustic cardunless prompted to do so. We will provide some feedback to indicate thatyour transaction with the XYZ acoustic card has been successful.” Thisinstruction may be coupled with eye-pleasing graphics and otheranimation to make it clear to the user that the timing of the buttonpress is important. Thus, as the user surfs the web, he will be alertedto those websites that support the communications protocol of thepresent invention.

In the second client station-based solution, the client station via thespecial client software will provide the indication to the user. In thisembodiment, the special client software is installed in the clientcomputer station. It is resident locally and is part of the System Trayset of applications. Normally, it is “asleep” in that it provides noapparent functionality to the user. However, it is operational andcommunicates with the web browser or whatever application is used toaccess the web. The special client software is installed in the clientand “wakes up” whenever it detects a webpage that supports thecommunications protocol of the electronic card. This is accomplished byproviding a code in the accessed webpage.

As discussed above, some websites support the communications protocoland others do not. This websites that support the communicationsprotocol can embed a special code that is also known to the manufacturerof the electronic card. When the user accesses a website that has thisembedded code, the special client software “wakes up” and alerts theuser that this website supports the communications protocol of hiselectronic card. This alert can be a flashing icon on the Icon Tool Barof the user's Windows desktop, a flashing or pulsating icon of theelectronic card on the upper right corner of the screen, or some othervisual or auditory cue. This tells the user that he can use hiselectronic card to conduct whatever transaction he has in mind on thatsite.

This special code can be provided as part of the header text. The codecan also be used in conjunction with some logo or graphic on the webpagethat indicates the exact type of electronic card supported. For example,the user has two electronic cards—XYZ Corporation's shopping card and aEZTrade Company's online trading card. At a particular website, thewebsite indicates via some graphic that only the XYZ electronic card issupported.

In addition, different codes can be used in different webpages (or evenin the same webpage) depending on the particular function that itsupports. Perhaps a one particular webpage will fill out a form for theuser when the user presses the button on the electronic card, whileanother webpage will authenticate the user to access his account. Thesecontext- and function-sensitive codes can be detected by the specialclient software so that the user's press of that single button on hiselectronic card will accomplish different things.

In a preferred embodiment, a single card can be used to interact with alarge number of different web services. This makes a single card moreuseful to a cardholder. It also gives rise to an opportunity for cardissuers to share in the revenues obtained by the service provider thatmakes the card-present authentication available. For example, assumethat an online stock trading service finds this card-presentauthentication under the present invention attractive enough that theywill pay two cents to the authentication service provider every time acard is used to log in. As a way to encourage card use or adoption, theservice provider could pass one of those two cents through to the issuerof the card used to effect that authentication. Ultimately, such revenuesharing could contribute to a “network effect” growing the demand forelectronic cards, since all issuers and participating web services wouldbe financially encouraged to keep their cards and services open toauthenticating universally, and not just to their own services. Usersunder such a regime would benefit from the ability to use any card underthe present invention to authenticate to any card-ready online (ortelephone-based) service.

5.9 Electronic Loyalty

Despite the advantage of money as a universally accepted means ofpayment, some consumers may not be willing to buy certain goods withmoney. Just as gamblers part with their money more freely when convertedinto “chips,” consumers may be more willing to part with an alternativeform of currency. “Points” are an example of a popular alternativecurrency used by many incentive award programs, as described below.

What are incentive award programs and how did they come about? Merchantshave long realized that due to marketing costs, the first sale made to acustomer is far more expensive (and thus less profitable) than ensuingsales. In order to maximize profits, most merchants work to buildlong-time relationships with customers, yielding ongoing sales withhigher and higher profits. While many merchants would be willing tooffer lower prices to entice particular customers to stick with them andnot switch to competitors, this is often impractical and alwaysexpensive. Charging different customers different prices is difficult atmany levels and even if it could be accomplished, giving the incrementalprofit back to the consumer defeats the merchant's goal in the firstplace. For this reason, incentive award programs were developed.

What is an incentive award program? Incentive award programs come in twovarieties—loyalty incentives and attention marketing. Loyalty incentiveprograms award “purchase points” to those consumers who take certainpurchasing actions. A classic loyalty incentive program provides abenefit to consumers who stick with or are loyal to a merchant and notswitch to competitors, while “punishing” those who switch from brand tobrand. Typically, an incentive is an incremental benefit that isworthless until enough points have been earned to redeem for a discountor a gift. Attention marketing programs reward consumers with “attentionpoints” for paying attention to a marketing message.

The loyalty incentive program will be discussed first. A highlysuccessful form of loyalty incentive award program with which manypeople are familiar is the airline mileage program, althoughnon-mileage-based programs also are widespread. Mileage programscurrently are conducted by almost every commercial airline. Travelerscan earn mileage or mileage points by purchasing an airline ticket andactually taking the trip. The exact number of miles earned by thetraveler is usually calculated by some formula based on the distance ofthe trip. After accumulating a certain number of miles or mileagepoints, the traveler can redeem his miles for a free or discountedairline ticket or some other award (e.g., coffee maker, free upgrades)that he can select from a catalog. The price-shopping, airline-switchingfickle traveler would arguably not benefit (or not benefit sooner) thanthe traveler who is loyal to one airline.

Similar incentive award programs also have begun to flourish in anonline environment over the Internet. Buyers can earn points online, forexample, by purchasing goods from an online merchant, clicking onadvertisements, filling out registrations and surveys, and performingvarious other activities of interest to merchants, advertisers and othercompanies. Users accumulate “points” into an “account” from which theycan redeem their points for certain goods or services.

Even those consumers who are not regular online users or even familiarwith the Internet may well be familiar with a variation of the pointsystem. Many merchants award discounted or free merchandise to loyal andfrequent customers. For example, by ordering a regular meal at arestaurant on ten different occasions (recorded on a stamped card), thecustomer may get 50% off the eleventh meal (or even get the eleventhmeal free). Similarly, another merchant might give a loyal customer afree drink with his meal after every seventh or tenth visit. Anothermerchant might give $10 off the next purchase for a first-time customer.These variations on the loyalty incentive point system are justthat—variations. Even though an actual physical card may be stampedafter each visit to a restaurant or a gift certificate is handed out,these stamps and gift certificates are analogous to points, albeit innon-electronic form.

The tremendous power of loyalty incentives is this: the more points thata consumer has earned, the more the consumer wants points. Eachincremental point is more and more valuable to the consumer because highpoint levels are associated with more exclusive (and valuable) benefits.So, the merchant benefits from the increased returns. The best customersare the least likely to switch to a competitor.

Although most point systems are still merchant-specific, more and moremerchants are forming relationships with one another so that points aremore universally accepted across different merchants, and thus moredesirable to consumers. For example, purchasing goods from one merchantcan result in earning points with another merchant. A consumer's use ofhis credit card might earn the consumer miles with Jones Airlines.Similarly, points earned through one merchant may be redeemable withanother designated merchant. Thus, the consumer is no longer restrictedto one merchant's catalog at redemption time.

But this is deceptive. Typically, points earned at an online store areusually not redeemable at a conventional bricks-and-mortar store, andvoce-versa. Thus, the thousands of points earned at XYZ.com is worthlessat the local department store. If a universal points database existedthat allowed consumers to accumulate points and store points, much likea bank, as well as redeem them almost anywhere, consumers might be moremotivated to participate in incentive award programs with greaterfrequency.

Thus, incentive award systems have demonstrated the viability ofaltering consumers' behavior if consumers perceive the points to be ofvalue. Yet, the fixed-merchant nature and the inability to earn/redeempoints between online and offline stores in existing incentive awardsystems often have limited the perceived value of points.

In accordance with one embodiment of the present invention, the UniformPoints System uses payment units, which can be in the form of actualpoints (and credit points) or cash (and credit). Uniform Points can beeither purchase points or attention points. These points are part of arewards system that rewards users who use the electronic card of thepresent invention. Although Uniform Points can be viewed as a separateform of currency to purchase products, Uniform Points are better viewedas a means of building a mutually beneficial relationship betweenmerchants and buyers. Thus, as users earn more and more Uniform Points,the users are rewarded with gifts and redeemable merchandise, whilemerchants are rewarded with more sales-generating traffic on theirwebsites.

Although any form of payment unit can be used in the Uniform PointsSystem of the present invention (including a mixture of cash andpoints), the patent specification will describe the embodiments withrespect to points. However, one skilled in the art will recognize thatthe implementation details will be similar if money or alternative formsof currency were used instead of points.

How do users earn points? Participating merchants award Uniform Pointsto consumers, and allow for their redemption, in numerous ways. Moreimportantly, these participating merchants have made these UniformPoints so universal that Uniform Points earned through one merchant canbe redeemed with another merchant, and vice versa. Additionally, UniformPoints can also be converted into miles for many frequent flyerprograms, and vice versa.

These Uniform Points can be earned in any number of ways, such as byregistration, by purchase of product/service, and by viewingadvertisements. The consumer is not necessarily required to visit anyone website to earn points; rather, Uniform Points can be earned throughany website or conventional bricks-and-mortar store that awards UniformPoints (i.e., those merchants with some relationship to Yahoo). UniformPoints can also be earned in other ways. Consumers can earn points fromselect merchants by:

-   -   (1) switching long distance carriers,    -   (2) updating user registration information periodically (to        track changing interests)    -   (3) trying out a new service with an already existing        membership,    -   (4) signing up for a new credit card,    -   (5) entering a merchant-sponsored sweepstakes,    -   (6) signing up for a trial membership to any merchant-sponsored        club,    -   (7) playing online games such as poker, blackjack, and slots,    -   (8) answering questions for an online poll,    -   (9) trying a new product with no obligations,    -   (10) requesting a free quote on a vehicle,    -   (11) visiting a website (although some registration may be        involved),    -   (12) writing and submitting product reviews (e.g., books, music,        video),    -   (13) downloading software from a website,    -   (14) signing up a friend to some club membership,    -   (15) serving an online community by answering user questions,    -   (16) Points could be awarded as a multiplier (i.e., “Click here        to double your points”),    -   (17) Points could be awarded offline as well (e.g., for using a        shopping card at a supermarket), and    -   (18) purchasing a threshold amount of goods from multiple        merchants.

This list is merely representative of the ways in which points can beearned. This list is not meant to be a comprehensive list. As mentionedabove, these Uniform Points are universally accepted among theparticipating merchants. Thus, points earned through one merchant can beredeemed through another merchant. So, when a consumer earns 50 pointsthrough a music merchant by purchasing some compact discs, that consumercan redeem those earned 50 points with a pet supply merchant to purchasedog food. Of course, the music merchant may have one set of rules on howto earn these points and the pet supply merchant may have a differentset of rules on how and when to redeem points and what thresholds arerequired for redemption. So long as these rules are observed, theconsumer can use points like cash and apply them across differentmerchants.

Referring now to FIG. 47, the Uniform Points System will now bedescribed. The central database 475 keeps track of points, giftcertificates, and cardholder information. Points are as described above.Gift certificates are items that have a specific cash value that can beused at the gift certificate-sponsoring merchant's store, whether onlineor offline. Thus, a $20 gift certificate from XYZ Corporation istypically redeemable only at the XYZ store. The central database 475 canbe considered a points/use database which keeps track of any online andoffline card use, whether the card is used as a loyalty card (forearning and redeeming incentive points), a gift certificate, or an ATMcard. Each registered user is associated with his own account for eachof these uses. Usually, the central database 475 is periodicallysynchronized with each participating merchant's own account database,such as that associated with merchant account server 472 and 474. Inother embodiments, the central account database 475 keeps the only copyof the account information so that the merchant's server 472 or 474would have to access the central database to access any particularuser's account information.

If the electronic card is used as a wireless acoustic card as describedin this patent specification, the press of the button on the electroniccard 470A triggers the transmission of a data stream. This data streamcan be as simple as the card-specific digital ID. The user's PC 471detects this data transmission and relays this card-specific digital ID(among other data described above) to the specific merchant's accountand authentication server 472. Of course, the user may haveautomatically launched into (via the activation of the electronic card)or manually navigated to this merchant's website. The merchant's websitewould support the communications protocol of the present invention.

After performing whatever authentication tasks are needed, the server472 accesses the account therein of the authenticated user. Based on theaction taken by the user, the user's account is adjusted. For example,the user may have 50,000 points in his account and by the mere press ofthe electronic card button, he spent 20,000 points on a brand new colorTV set. With this action, the central database subtracts the 20,000points from this user's account. In another example, the user has anelectronic card that represents a $20 gift certificate. The useraccesses the merchant's website and uses $17 of this $20-valued giftcertificate to purchase a CD. The central database adjusts this user'sgift certificate account to reflect this purchase so that only $3 is nowremaining. As a gift certificate, the electronic card of the presentinvention replaces the current paper gift certificates that merchantshand out.

Alternatively, the user could actually walk into a conventionalbricks-and-mortar store and use the electronic card 470B. Because thecurrent electronic card 470B has the traditional magnetic stripe onthem, this electronic card could be used with any conventional magneticstripe card reader 473. The authentication is performed via themerchant's account server 474 and the user's account is accessed via thecentral account database 475. This central account database 475 is thesame database used for the non-magnetic stripe embodiment describedabove.

Thus, the versatile electronic card 470A/470B with the acousticelectronics and the conventional magnetic stripe makes it moreattractive and convenient for the user to shop online and offline. Ontop of that, the central account database 475 increases the user'soffline purchasing power through online purchasing actions, and viceversa. A user can shop online and earn incentive points. Because of theuniversally used central account database 475, these incentive pointsthat were earned online can now be redeemed offline at any participatingbricks-and-mortar store. The central account database 475 keeps track ofany earned/redeemed points.

5.10 Additional Synergies with Voice

The present invention's preferred communication method (data modulatedon sound) gives rise to a number of convenient synergies whenimplemented with known voice technologies such as voice recognition andvoice verification, Voice over Internet Protocol (VoIP). Generally, oneof the goals of the present invention is to provide convenient,portable, physical authentication means for the Internet, in a knownform factor used in the offline world, that does not require anyinfrastructure change unlike the traditional smart cards. The recentproliferation of voice applications for the Internet, such as voicerecognition, and voice navigation for Internet browsers assures thatsound infrastructure (microphones and speakers) are rapidly penetratinginto all Internet platforms. The microphones being installed for thoseother purposes, generally speaking, are well suited for the cardcommunications techniques described herein.

Generally, the strength of a security system is measured, in part, bythe number and diversity of the security “factors” being required. Threesuch genres of security factors are commonly known as “something youknow” (e.g. a password); “something you have” (e.g. a card, such as thereader-free electronic card described herein); and “something you are”(e.g. biometric measures such as voice.) For example, a password byitself may not provide complete security, because a holder mayinadvertently disclose it, or the password can be guessed. A reader-freeelectronic card in accordance with the present invention can be lost orstolen. But when, as in accordance with various aspects of the presentinvention, a password is used as one factor, and the authenticatedpresence of a reader-free electronic card is used as another, securityis enhanced.

For some applications, however, including high security transactionslike extremely large financial transactions, there is no security factorequal in value to assuring that the correct person is present. Voiceauthentication as a biometric security factor is known in the art ofcomputer security. Typically, these schemes will require theauthenticating user to read arbitrary text, and then compare these vocalpatterns to the authentic user's own speech patterns to verifyconformity. One limitation of biometric security schemes, and voiceauthentication is no exception, is the requirement of special equipmentto receive the biometric data (e.g. fingerprint or iris readers, ormicrophones and sound systems for voice authentication). There areabundant known techniques for deploying voice authentication on a singlecomputer, or over a network by sending voice sounds to and receivingauthentication codes from, a network server.

But the fact that any issuer of the acoustic reader-free electroniccards of the present invention can be sure that each and every basestation includes a microphone solves this barrier to introducing voiceauthentication as a security factor. Thus, one embodiment of the presentinvention enables the proprietor of a security system to deploy a regimeincluding the “something you have” factor in the form of a card or otherphysical token practicing the acoustic data transmission techniquesdiscussed above, plus any combination of a password or other “somethingyou know” factor, plus biometric verification by voice authentication.

Lack of perceived security and a lack of user trust remain the principaldeterrents to people adopting habits of shopping and doing commerceonline. Because the base station described above includes a microphoneand sound system, increased personal relationship and trust can beestablished under the present invention by requiring presence of areader-free electronic card, and adding the personal attention ofspeaking with live people using VoIP techniques.

Major banks are moving to increase adoption of their online accountservices. Online banking represents a significant cost savings over inperson banking at branches, and even telephone banking. But customersmay hesitate to conduct banking activities online because over theInternet, no particular customer service representative can interactwith shoppers directly. But known VoIP systems enable voice-basedconversations with the other persons visiting a particular website, orwith customer service representatives manning that site.

Under the present invention, when combined with online banking or othersecure online services, an acoustic electronic card can be activated toenable various functionality within the sound infrastructure. Thecustomer learns to trust the Internet and his transactions thereinbecause of the guaranteed “card presence” transactions that are acceptedby online merchants/financial institutions. Furthermore, conversationscan be recorded for resolving non-repudiation issues for online bankingand other conversations with merchants. The user can also choose hisdesired customer service representative. In the non-financial Internetworld, one embodiment of the present invention allows authentication andlimited audience chat plus voice chat in a message board or chat room.

6.0 Non-Acoustic Embodiments

Instead of acoustics, another embodiment of the present invention usesradio frequency (RF) and magnetic field transmission/receptiontechniques to couple the electronic card and the client computerstation.

For RF, data from the PC to the electronic card is transmitted using VHFor UHF frequencies. These high frequencies can be achieved by softwaremanipulation at the PC. The CPU of the PC uses its data-address bus asthe transmission antennas and modulating signals on the bus. Theelectronic card receives and decodes these signals with standard RFdecoding circuitry. Alternatively, the PC can employ On-Off RFmodulation by halting and restarting the CPU. The electronic cardreceives and decodes these signals with standard RF decoding circuitry.

For magnetic field, the PC speakers transmit the data from the PC to theelectronic card. However, instead of picking off the audio signal, theelectronic card picks up the magnetic field created by the speakers andtheir wires which are present when the audio is played. The pick-upelement in the electronic card is a loop antenna.

6.1 Radio Frequency (RF)

Instead of acoustic signals, the client computer station (e.g., personalcomputer) can generate RF signals to the electronic card. Withappropriate RF decoding circuitry, the electronic card can receive anddecode the RF signals to process the data therein. Again, no additionalhardware would be necessary in the PC to generate the RF signals.

The unique RF transmission technique in the PC involves using theaddress-data bus as the transmission antenna and the CPU as theoscillator. The PC currently generates electromagnetic signals becausethe electronic circuitry in the PC applies voltage to the various busescausing current to run along the wires. The electromagnetic signal is RFin nature because the PC's microprocessor speed is typically in the RFrange (tens to hundreds of MHz). The microprocessor's speed is typically100-450 MHz, although more and more new PCs are being sold withmicroprocessors in the gigahertz range.

As known to those ordinarily skilled in the art, the main frequencycomponent of an RF signal is at the base carrier frequency. For amicroprocessor at 100 MHz, a lot of the signal's power is present at 100MHz. Signal power is also present at other frequencies which are wholenumber multiples of the main base frequency. Thus, some signal power ispresent at 50 MHz (multiple of 2), 33.33 MHz (multiple of 3), 25 MHz(multiple of 4), 20 MHz (multiple of 5), and so on. However, the higherthe multiple, the less likely that the RF signal will have a frequencycomponent at that corresponding frequency. Thus, at a multiple of 100,the chance that some frequency component would exist at 1 MHz is low. Insome embodiments, appropriate division is performed to obtain the FSKfrequencies from the higher RF frequencies.

The first step is to select the frequency of the RF transmission. In theFSK scheme utilized in this invention, the two frequencies areapproximately 1 kHz apart. So, for example, one frequency can be 10.7MHz while the other frequency is 10.699 MHz. The period of thesefrequencies would also have to be determined. Thus, for the frequency10.7 MHz, the period is 93.4579 ns.

The next step is to determine how much time an instruction takes. Basedon this instruction time and the frequencies selected above, the numberof instructions needed for the whole period for each frequency can bedetermined. If frequency 10.7 MHz is selected for one of the RFfrequencies, the number of instructions to fill up the above-calculated93.4579 ns period would also be needed.

The PC's CPU itself will modulate the address-data bus for the desiredfrequency. In the above example, since 10.7 MHz was selected as one ofthe frequencies for transmission, the CPU will apply a logic “1” to thebus for half the period and apply a logic “0” for the other half of theperiod. The length of these logic “1” and “0” values that are applied tothe bus can be controlled by the number of instructions that aredelivered to the microprocessor since the time duration of eachinstruction is known. Accordingly, an RF frequency component will existat 10.7 MHz in the above example. For longer periods (for lowerfrequencies), more instructions are delivered to the microprocessor. Forshorter periods (for higher frequencies), less instructions aredelivered to the microprocessor.

At the electronic card, appropriate RF decoding circuitry can beemployed to receive and decode the RF signals. Referring to FIG. 37, ahigh level view of the RF decoding circuitry in the electronic card isprovided. In this design, off-the-shelf RF IC's are used. The transducer370 receives RF signals and converts them to workable voltage levels.The pre-amplifier and bandpass filter 371 amplify and clean up thesignals for further processing. In particular, the pre-amplifier portionof the unit 371 is a high input impedance amplifier. The bandpass filterportion of the unit 371 filters the signal in order to attenuate speech(or noise) signals. The RF signal is presented to the FM intermediatefrequency (IF) unit 372. A quadrature network unit 374 is provided forfrequency decoding using quadrature demodulation. Finally, themicroprocessor unit 373 in the electronic card accepts the digitaldemodulated FSK signal, or in the alternative, an analog voltage that iscorrelated to the input frequency.

FIG. 38 shows an alternative embodiment. The transducer 380 receives RFsignals and converts them to workable voltage levels. The RF signal ispresented to the FM intermediate frequency (IF) unit 381 for filtering.The bandpass filter 382 cleans up the signals for further processing.The filtered RF signal is presented to the FM intermediate frequency(IF) unit 383 for further filtering. A quadrature network unit 385 isprovided for frequency decoding using quadrature demodulation. Finally,the microprocessor unit 384 in the electronic card accepts the digitaldemodulated FSK signal, or in the alternative, an analog voltage that iscorrelated to the input frequency.

In the electronic card to PC transmission, the microphone in the PC canbe used as the receiving antenna. However, the frequencies selected forthe RF signal should be in the frequency range supported by the soundcard in the PC. If the RF signal is in the 10 mV range, the sound cardin the PC can detect it and process it as audio signals even though thetransmission was via RF.

This embodiment provides several advantages. By using RF signals, theDSP software is much simpler in the electronic card. RF signals are muchstronger and easier to process than acoustic signals. Lots of standardRF components are available in the market at lower cost. The use of RFavoids most acoustic-related issues, such as echo cancellation, range,and interference. The use of RF signals also result in higher bit rates.

Also, in the PC-to-electronic card transmission direction, the soundcard drivers in the PC need not be checked. In fact, a sound system inthe PC is not needed at all for this PC-to-electronic card transmissiondirection.

6.2 Magnetic Field

In another embodiment of the present invention, the interactive systemuses magnetic fields. When audio is played by the speakers, the currentscreated by driving the speakers are not negligible and thus induce asignificant magnetic field. This magnetic field is generated by thespeakers and the wires. However, these magnetic fields drop offsignificantly by a power of 3 so distance from the source of themagnetic field is important.

To pick up the magnetic field, the electronic card must be reasonablyclose to the source of the magnetic field, i.e., speakers and wires.Referring now to FIG. 39, the electronic card employs a loop antenna 390instead of an acoustic transducer to pick up the magnetic field. Becausethe received the magnetic field induces a current in the loop antenna, acurrent-to-voltage converter 391 is provided. The remainder of thecomponents are similar to that for decoding acoustic signals. Inparticular, the gain and bandpass filter 392 filters the signal forfurther processing. An AGC block 394 is provided for SNR improvement.The final processed signal is provided to the microprocessor unit 393for data processing.

With respect to power, a conventional small-sized battery such as VartaLPF-25 is used. In some other embodiments, electronic card power isobtained from the PC via the Hall effect. The electronic card merely hasan antenna with which to pick up signals for processing.

The foregoing description of a preferred embodiment of the invention hasbeen presented for purposes of illustration and description. It is notintended to be exhaustive or to limit the invention to the precise formsdisclosed. Obviously, many modifications and variations will be apparentto practitioners skilled in this art. One skilled in the art willreadily appreciate that other applications may be substituted for thoseset forth herein without departing from the spirit and scope of thepresent invention.

1. A method for performing a secure on-line transaction comprising:transmitting selected payment data to a card issue server, said selectedpayment data including at least one payment type selected from apredetermined list of payment types and, for each selected payment type,a selected amount, by a user; transmitting purchase data and the paymentdata to a merchant server by one of the card issue server and the user;and processing the purchase data and the payment data by the merchantserver.
 2. The method according to claim 1, wherein said transmittingselected payment data includes transmitting a request to pay a firstpart of a transaction price with a selected currency type and to pay asecond part of the transaction price with points.
 3. The methodaccording to claim 1, wherein said transmitting purchase data andpayment data includes transmitting at least one of the user name,shipping address, billing address, and credit card number.
 4. The methodaccording to claim 1, wherein said processing includes finalizing a saleby the merchant server.
 5. The method according to claim 1, furthercomprising, before said transmitting selected payment data: transmittinga first signal indicating a user digital identification (ID) by anelectronic card; receiving the first signal by a user computer;transmitting a second signal indicating the digital ID by the usercomputer to a card issue server, wherein the card issue server storesdata associated with the user, said data including the user digital IDand user account information; authenticating the digital ID by the cardissue server; and selecting payment data by the user; said transmittingpurchase data and payment data being performed after said authenticatingand said selecting payment data; said method further comprisingtransmitting a confirmation signal indicating completion of thetransaction to one of the user computer and the card issue server by themerchant server.
 6. The method according to claim 5, wherein the digitalID is encrypted, said method further including decrypting the digital IDby the card issue server.
 7. The method according to claim 5, furthercomprising, after said transmitting the digital ID, transmitting the URLof the merchant server to the card issue server.
 8. The method accordingto claim 7, wherein said transmitting the URL of the merchant server tothe card issue server is performed one of simultaneous to and subsequentto said transmitting the digital ID to the card issue server.
 9. Themethod according to claim 5, wherein the payment type is selected fromcurrency, frequent flyer miles, points, and goods.
 10. The methodaccording to claim 9 wherein said selecting includes indicating, foreach selected payment type, a corresponding percentage of the totalpayment data.
 11. The method according to claim 5, said method furthercomprising, for each selected payment type and selected amount,transmitting the payment data to the card issue server.
 12. The methodaccording to claim 11, wherein the card issue server deducts theselected amount of each selected payment type from a user account. 13.The method according to claim 12, wherein said card issue server deductsthe selected amount of each selected payment type one of subsequent tocompletion of the transaction and immediately subsequent to saidselecting.
 14. The method according to claim 1, said method furthercomprising, after said processing, transmitting a confirmation oftransaction completion to one of the card issue server and a usercomputer by the merchant server.
 15. The method according to claim 14,the confirmation of transaction completion being sent to the card issueserver by the merchant server; said method further comprisingtransmitting the confirmation to the user computer by the card issueserver.
 16. The method according to claim 5, wherein said transmittingpayment data is performed by the card issue server and wherein saidtransmitting payment data is performed one of immediately subsequent tosaid selecting and immediately subsequent to said authenticating. 17.The method according to claim 5, wherein said selecting is performedafter said transmitting a confirmation signal indicating completion ofthe transaction.
 18. The method according to claim 1, wherein saidtransmitting selected payment data is performed by the user at a usercomputer located at a location accessible to at least a second user. 19.The method according to claim 5, wherein said transmitting selectedpayment data is performed by the user via a user computer.
 20. Themethod according to claim 19, wherein said user computer is one of abase station, a personal computer, a PDA, and an electronic device. 21.The method according to claim 1, further comprising off-lineauthenticating of the user.
 22. The method according to claim 1, whereinsaid transmitting selected payment data is performed by the user at auser computer located at a location accessible to a plurality of users.23. The method according to claim 22, wherein the location accessible toa plurality of users is a point of sale location.